Submitted URL: https://www.itpro.co.uk/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Effective URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Submission: On April 30 via api from CA — Scanned from CA

Summary

This website contacted 125 IPs in 6 countries across 126 domains to perform 539 HTTP transactions. The main IP is 151.101.130.114, located in the United States, and belongs to FASTLY, US. The main domain is www.itpro.com. The Cisco Umbrella rank of the primary domain is 371597.
TLS certificate: Issued by R3 on March 24th 2023. Valid for: 3 months.
This is the only time www.itpro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
www.itpro.co.uk | R3 | 2023-03-24 - 2023-06-22 | 3 months
*.futurecdn.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-06 - 2023-07-06 | a year
*.privacy-mgmt.com | Amazon RSA 2048 M02 | 2022-11-07 - 2023-12-06 | a year
slice.vanilla.futurecdn.net | R3 | 2023-04-01 - 2023-06-30 | 3 months
hawk.techradar.com | R3 | 2023-04-21 - 2023-07-20 | 3 months
permutive.app | Cloudflare Inc ECC CA-3 | 2023-03-11 - 2023-06-09 | 3 months
freyr.futurecdn.net | R3 | 2023-04-05 - 2023-07-04 | 3 months
*.parsely.com | Amazon RSA 2048 M01 | 2023-02-24 - 2023-07-04 | 4 months
bordeaux.futurecdn.net | R3 | 2023-03-06 - 2023-06-04 | 3 months
champagne.futurecdn.net | R3 | 2023-03-29 - 2023-06-27 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.dotmetrics.net | Amazon RSA 2048 M01 | 2023-03-01 - 2023-10-21 | 8 months
*.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
ads.servebom.com | R3 | 2023-03-08 - 2023-06-06 | 3 months
sommelier.futurehybrid.tech | R3 | 2023-04-03 - 2023-07-02 | 3 months
*.google.ca | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
search-api.fie.future.net.uk | R3 | 2023-04-19 - 2023-07-18 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-06 - 2023-05-07 | 3 months
jwplayer.com | Amazon RSA 2048 M02 | 2023-03-01 - 2023-12-25 | 10 months
*.prmutv.co | R3 | 2023-03-14 - 2023-06-12 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2023-02-13 - 2024-03-15 | a year
permutive.com | Cloudflare Inc ECC CA-3 | 2023-01-26 - 2024-01-25 | a year
api.permutive.com | R3 | 2023-04-17 - 2023-07-16 | 3 months
www.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.adsafeprotected.com | Amazon RSA 2048 M02 | 2023-02-22 - 2023-07-20 | 5 months
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-02-28 - 2024-02-17 | a year
*.privacymanager.io | Amazon RSA 2048 M02 | 2023-02-22 - 2023-09-24 | 7 months
*.skimresources.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-25 - 2023-11-08 | a year
*.jwplayer.com | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-11-26 - 2023-12-28 | a year
*.3lift.com | Amazon RSA 2048 M02 | 2023-04-13 - 2024-05-11 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-03 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2022-06-13 - 2023-07-14 | a year
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2023-03-23 - 2024-03-23 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-22 - 2023-06-21 | a year
*.undertone.com | Amazon RSA 2048 M02 | 2023-03-01 - 2023-10-01 | 7 months
aax-dtb-mobile-cf.amazon-adsystem.com | Amazon | 2022-06-15 - 2023-06-15 | a year
fw.adsafeprotected.com | Amazon RSA 2048 M01 | 2023-03-29 - 2024-04-27 | a year
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2022-12-06 - 2024-01-07 | a year
pixel.servebom.com | R3 | 2023-03-26 - 2023-06-24 | 3 months
casalemedia.com | Go Daddy Secure Certificate Authority - G2 | 2022-12-13 - 2024-01-13 | a year
*.bfmio.com | Amazon RSA 2048 M02 | 2023-03-17 - 2024-04-14 | a year
omnitagjs.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-21 - 2023-07-21 | a year
entitlements.jwplayer.com | GeoTrust TLS RSA CA G1 | 2023-04-11 - 2024-05-11 | a year
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.deepintent.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-02 - 2023-06-03 | a year
*.ads.stickyadstv.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-19 - 2024-05-19 | a year
*.spot.im | Amazon RSA 2048 M01 | 2023-02-21 - 2023-11-01 | 8 months
*.adkernel.com | AlphaSSL CA - SHA256 - G4 | 2023-01-03 - 2024-02-04 | a year
odc-pixel-prod-01.oracle.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-07 - 2024-02-08 | a year
s.spotim.market | ZeroSSL ECC Domain Secure Site CA | 2023-04-02 - 2023-07-01 | 3 months
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-12-28 - 2024-01-28 | a year
*.smartadserver.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-21 - 2024-01-23 | a year
s.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-03-03 - 2024-02-19 | a year
*.doubleclick.net | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
sync.spotim.market | ZeroSSL ECC Domain Secure Site CA | 2023-03-25 - 2023-06-23 | 3 months
aax-eu.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-01-27 - 2024-01-27 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2022-07-21 - 2023-08-21 | a year
*.sharethrough.com | Amazon RSA 2048 M01 | 2023-03-01 - 2023-08-12 | 5 months
*.contextweb.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-10 - 2024-05-09 | a year
*.media.net | Sectigo RSA Domain Validation Secure Server CA | 2022-04-06 - 2023-05-04 | a year
*.technoratimedia.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-15 - 2023-09-15 | a year
*.ybp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-04-04 - 2023-09-27 | 6 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2023-02-02 - 2024-03-03 | a year
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.tapad.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-14 - 2023-10-15 | a year
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-02-21 - 2023-08-16 | 6 months
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2022-09-07 - 2023-09-30 | a year
*.taboola.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-12-08 - 2023-12-31 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-09 - 2023-06-03 | 3 months
*.agkn.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-09-06 - 2023-09-21 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-03-07 - 2023-09-07 | 6 months
www.bing.com | Microsoft RSA TLS CA 02 | 2023-02-16 - 2023-08-16 | 6 months
cdn.adnxs.com | GeoTrust RSA CA 2018 | 2022-10-21 - 2023-10-22 | a year
*.srv.stackadapt.com | Amazon RSA 2048 M02 | 2023-02-27 - 2023-11-07 | 8 months
odc-addthis-prod-01.oracle.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-07 - 2024-02-07 | a year
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-14 - 2024-04-12 | a year
um3.eqads.com | Amazon RSA 2048 M02 | 2023-03-02 - 2023-07-09 | 4 months
dianomi.com | Cloudflare Inc ECC CA-3 | 2023-04-03 - 2024-04-02 | a year
*.brandmetrics.com | GTS CA 1P5 | 2023-03-12 - 2023-06-10 | 3 months
p.cpx.to | Sectigo RSA Domain Validation Secure Server CA | 2023-01-12 - 2024-01-13 | a year
ml314.com | GTS CA 1D4 | 2023-04-09 - 2023-07-08 | 3 months
*.ml314.com | Amazon RSA 2048 M02 | 2023-02-27 - 2023-12-14 | 10 months
s.cpx.to | Sectigo RSA Domain Validation Secure Server CA | 2023-01-12 - 2024-01-17 | a year
api.btloader.com | GTS CA 1D4 | 2023-04-14 - 2023-07-13 | 3 months

This page contains 69 frames:

Primary Page: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Frame ID: 1263C713B134BA1BD80AC0D3B52067E5
Requests: 244 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?r=5553&p=46338&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D10076%26svc%3Dus%26id%3D5%26uid%3D
Frame ID: D5A6C0BF8E5160A0DF58B72A70544F6C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?cb=8069&svc=us&id=32&uid=18b71d7a3de645c1ab6634fc9367b5ad
Frame ID: 1351D9E4D0EC465013F8997DDA4DAA89
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Frame ID: D610566CE32009313CFBC7CC05FE7724
Requests: 10 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=4&id=Purch&gdpr=0&gc=&gce=1
Frame ID: 4E122007A0FBEDD9EAEAD53D8A8E8ABE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?r=7434&p=156007&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8851%26svc%3Dus%26id%3D46%26uid%3D
Frame ID: 0FF341472C5C4D8F3FB463283C85FDE1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?r=2177&p=11868&endpoint=us-east
Frame ID: C003A5357F321B52709662D7ADEC9DE6
Requests: 11 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-sSlmnCBE2uHEiEn7.xt4pOB46XJJaNK.~A
Frame ID: 8B34E2750544C50812104CE8B364CEB1
Requests: 1 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?svc=us&id=61&uid=y-SC0G2qpE2uLqCCMdFulAGw3Lx.v0hEA-~A
Frame ID: 84CD02EB781E8488D1183E53C20B67DE
Requests: 1 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?cb=8505&svc=us&id=62&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&cookie_age=0
Frame ID: 3A4FE3D242297EDEB5E177495F216C72
Requests: 1 HTTP requests in this frame

Frame: https://pixel.servebom.com/partner?svc=us&id=64&uid=fd73d814-c352-4115-9b2a-d9152e3c2a5a
Frame ID: C0FBDEE7756E0B45B4F8A6B2F9C61FDE
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Frame ID: 2FDC01BAD2DBDBDD07CADE8EED199A7E
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C92204133ADE8237409F38B5BFB8B460
Requests: 1 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: CCAC916382766F5D3D94363F6CCB0B10
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Frame ID: 3DC50D7B1216DDB27DB194D6EC3D8C2B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: DD709F32D7A29B4D38FF28D9F09351C0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 72914820128F9E5D61A72C0EC4EDCAFE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 8FE808C872F474BC21D39F9F2F86FBA5
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 4B48904C550A5AFED3D6E6506BD779B9
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 2F1937C5BA992C1F1E6D134043B04685
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift
Frame ID: 22256411DDDB34804AA91ECD56793B5B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: BAAEEF3085A56659AEA7BB5D756F3D95
Requests: 4 HTTP requests in this frame

Frame: https://f61aafe85714fdabf335e406d30345f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F6642C4896D4656977D1B4735CA4BA1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: 329756F73234D84B66B69F6546D3AA0C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: A0B7229192A77772F2326EFA1EFDD066
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: D4F555FFDA3427F64E3D54D20C2527A7
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=6812978323417459240&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 29C9D11D8A0B565EDAC824E7FA03CE5B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 0A9CB543DBD9F640AE0F6A6E0FFCE119
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=848434730014415633723
Frame ID: D59DD31591994B82A1D0416D7D44E3AC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: F31E0B08A696F695C981DEBC787ACD68
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7591399174809267913&gdpr=0&gdpr_consent=
Frame ID: 4FBF23B9BFAEF59E989F1AFD159F6201
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABwiddtypiZgMCeX4bAAAAAAA&expiration=1682911565&is_secure=true&gdpr=0
Frame ID: B88FEF35ED7CA4B316A8D8A4DEF62CCB
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 8055DB1F2CC5DAB90EC3C0C21FBD3593
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: CE5756691043A7016C120135BEDE4E8E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: F642C6BB19A8282685882C721C5A9668
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 45A9279CD142E8C0964BBDFC9109823A
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TN3dCZ1BaRTJ1STlqUUFnc1Q4Q3lsTDR3ck9IZjhSUX5B&gdpr=0
Frame ID: 7761A49AA796693E5175303C22DC0138
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6812978323417459240&ex=appnexus.com&gdpr=0
Frame ID: 87CA6B918B736F2E358878354228E9B3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=848434730014415633723
Frame ID: B8AEECCAF60F38917B954B06133D9BDC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: 4A91EEE0065E2A94010DD04B02404EC3
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: 1A97ED99E57999E808EA488B972801DF
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: 9F3D9D1FBF559488B8889176A55C8F59
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: 25EC9E119F2FB4AB514CB1735B78CEA8
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=155494&s=&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2299%26svc%3Dus%26id%3D45%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=1YNN&
Frame ID: F9C305DCB9A289E2F0573F02EB88F41F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 60FA4DA11342088AD24A343A9DEBF238
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DF3AB7DC593A14DA5C3A212286D7FCA9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 83179AF87C3E446EBF12DF5782737045
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Frame ID: F876FFF586E8EE30DAB6706D521C853F
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158831&gdpr=0&gdpr_consent=
Frame ID: 13DF49546C9692681610844E7EADDF85
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 18E21A92D049D49F0EBC8EBC67BE4383
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: 9A3A998BF57682FB5F89A48F77D1544C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Frame ID: EF10930D1401D674B75D48466F0DBCA8
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Frame ID: 020A72F970C983C83DE4EE22FF558F54
Requests: 12 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Frame ID: A38016B9CB7D46F5C2596E6EB255FBDD
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: 9CAFBA185323E5E5964E161DD69C9630
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Frame ID: 705EC21C8FC4837E9F8E44F7F3416EA3
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=rkt&refUrl=&vid=28251668723258267651455343000V10&ovsid=969188715268096521
Frame ID: 62B7CC438E1E166685A7507BD03C17CD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Dpba%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3DPM_UID
Frame ID: DADB45CFA2A080F469C38455604A63D6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 889AA5F1DE6EA096E35C04B693886486
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2B9C0F072098DBFA9674508AA3633789
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F175895C72A005E0A19E85A4956BEA52
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Frame ID: 7D6B0074C434DEB586879A050353F59D
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1YNN
Frame ID: 411C8ABC377DE9AF60058129B8DC0AC7
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162345&gdpr=0&gdpr_consent=&us_privacy=1YNN
Frame ID: E27C0087A859E81E7D424F17044F4DBC
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNN&
Frame ID: 90CE45A84D45A9061C4ADBACB803425F
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 58572B75B40ECD4EB708F4A38E25961C
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 51CE2B3EC107C1B92C65B6B0A73285F3
Requests: 3 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 3BB965ED33578BC8CE0BD819F9A7ED7D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9773EED8FC8203D4F608DB03D3B03C08
Requests: 1 HTTP requests in this frame

Page Title

Microsoft blocks customer access to malicious SolarWinds binaries | ITPro

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

Requests: 539
HTTPS: 68 %
IPv6: 25 %
Domains: 126
Subdomains: 210
IPs: 125
Countries: 6
Transfer: 4610 kB
Size: 15292 kB
Cookies: 309

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.itpro.co.uk/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries HTTP 301
    https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C94788 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C94788&rdf=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
Request Chain 121
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C90272%2C94788 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,90272,94788
Request Chain 137
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2%26svc%3Dus%26id%3D23%2C26%2C29%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fpixel.servebom.com%252Fpartner%253Fcb%253D2%2526svc%253Dus%2526id%253D23%252C26%252C29%2526uid%253D%24UID HTTP 302
  • https://pixel.servebom.com/partner?cb=2&svc=us&id=23,26,29&uid=6812978323417459240
Request Chain 138
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=de2d90e5-4d26-4c8c-a342-3edcde51fdb1&ph=25af9286-f23b-4b02-abcd-f2ee3b564dab&r=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8408%26svc%3Dus%26id%3D22%26uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=de2d90e5-4d26-4c8c-a342-3edcde51fdb1&ph=25af9286-f23b-4b02-abcd-f2ee3b564dab&r=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8408%26svc%3Dus%26id%3D22%26uid%3D HTTP 302
  • https://pixel.servebom.com/partner?cb=8408&svc=us&id=22&uid=47b9a7ef-0661-0f81-1a7f-791586c16d0e
Request Chain 140
  • https://purch-sync.go.sonobi.com/us?https://pixel.servebom.com/partner?cb=8454&svc=us&id=9&uid=[UID] HTTP 302
  • https://pixel.servebom.com/partner?cb=8454&svc=us&id=9&uid=7e341e4a-40d8-4e57-8e7b-e25e2b34d8cd
Request Chain 141
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3725%26svc%3Dus%26id%3D24%26uid%3D$UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3725%26svc%3Dus%26id%3D24%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://pixel.servebom.com/partner?cb=3725&svc=us&id=24&uid=GkKuZLZHmnzGdTVEQseo8o1p
Request Chain 142
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D4849%26svc%3Dus%26id%3D14%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D4849%26svc%3Dus%26id%3D14%26uid%3D%24UID HTTP 302
  • https://pixel.servebom.com/partner?cb=4849&svc=us&id=14&uid=848434730014415633723
Request Chain 143
  • https://purch-match.dotomi.com/match/bounce/current?networkId=20077&version=1&rurl=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2534%26svc%3Dus%26id%3D36%26uid%3D$UID&gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
  • https://purch-match.dotomi.com/match/bounce/current?DotomiTest=51f8692e934a068f&is_secure=true&networkId=20077&version=1&rurl=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2534%26svc%3Dus%26id%3D36%26uid%3D%24UID&gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
  • https://pixel.servebom.com/partner?cb=2534&svc=us&id=36&uid=AAABwiddtypiUwMF8SYtAAAAAAA&expiration=1682911564&_origin=1&is_secure=true&gdpr_consent=&gdpr=0&redir=true
Request Chain 144
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj3GAAS&ru=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D10887%26svc%3Dus%26id%3D59%26uid%3D33XUSERID33X HTTP 302
  • https://pixel.servebom.com/partner?cb=10887&svc=us&id=59&uid=212153247736372
Request Chain 148
  • https://qds0l.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8069%26svc%3Dus%26id%3D32%26uid%3D%5Btvid%5D HTTP 302
  • https://qds0l.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8069%26svc%3Dus%26id%3D32%26uid%3D%5Btvid%5D HTTP 302
  • https://pixel.servebom.com/partner?cb=8069&svc=us&id=32&uid=18b71d7a3de645c1ab6634fc9367b5ad
Request Chain 149
  • https://ssum-sec.casalemedia.com/usermatch?r=7282&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Request Chain 152
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?r=2177&p=11868&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?r=2177&p=11868&endpoint=us-east
Request Chain 153
  • https://pixel.advertising.com/ups/58164/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58164/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
  • https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-sSlmnCBE2uHEiEn7.xt4pOB46XJJaNK.~A
Request Chain 154
  • https://ups.analytics.yahoo.com/ups/58290/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58290/sync?redir=true&verify=true HTTP 302
  • https://pixel.servebom.com/partner?svc=us&id=61&uid=y-SC0G2qpE2uLqCCMdFulAGw3Lx.v0hEA-~A
Request Chain 155
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8505%26svc%3Dus%26id%3D62%26uid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8505%26svc%3Dus%26id%3D62%26uid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
  • https://pixel.servebom.com/partner?cb=8505&svc=us&id=62&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&cookie_age=0
Request Chain 156
  • https://match.sharethrough.com/universal/v1?supply_id=dSvJjhJF HTTP 302
  • https://pixel.servebom.com/partner?svc=us&id=64&uid=fd73d814-c352-4115-9b2a-d9152e3c2a5a
Request Chain 158
  • https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 164
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHD4QvkYqNkeugZzXaoG6cY&google_cver=1
Request Chain 166
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3fzJzbDxeIlhYvWWXiLwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFNvT9DLgO0Wn7VEgBh-hRs&google_cver=1
Request Chain 167
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&expiration=1685417164&gdpr=0&gdpr_consent=
Request Chain 170
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=r6ThoP32tqe09eeirPH4p6ug4aC087Ggr_TMMWV8
Request Chain 171
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2a269804-6403-5d02-6dc4f48f
Request Chain 176
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
Request Chain 410
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=568200899A48499D9AF846BF5A46F6A4 HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=synacor&bsw_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=synacor&bsw_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=01648f19-0a01-45f2-83a3-6116f8ecc73a&expires=3&user_group=1&ssp=synacor HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564
Request Chain 411
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=568200899A48499D9AF846BF5A46F6A4 HTTP 302
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=318a517d9f5b0534&is_secure=true&networkId=63258&version=1&nuid=568200899A48499D9AF846BF5A46F6A4 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAB8cKYUpP8kAMJiTWIAAAAAAA&expiration=1682911566&nuid=568200899A48499D9AF846BF5A46F6A4&is_secure=true
Request Chain 412
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=568200899A48499D9AF846BF5A46F6A4&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3258267651455343000V10
Request Chain 416
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Drkt%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=rkt&refUrl=&vid=28251668723258267651455343000V10&ovsid=969188715268096521
Request Chain 418
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Dcon%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=706f11e83c3304f3&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Dcon%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=con&refUrl=&vid=28251668723258267651455343000V10&ovsid=AAABwiddtypijwMvVYkNAAAAAAA&expiration=1682911566&is_secure=true
Request Chain 419
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Dopx%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=opx&refUrl=&vid=28251668723258267651455343000V10&ovsid=e176e8f6-f0ce-08bf-17af-b25b8896c134
Request Chain 420
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Dmma%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=mma&refUrl=&vid=28251668723258267651455343000V10&ovsid=7e18644d-dfcd-4700-bae2-b858c123093b
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI1ODI2NzY1MTQ1NTM0MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEA0LjGCAQSTO9U3gfzlb44Y&google_cver=1
Request Chain 422
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Ddxu%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Ddxu%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=dxu&refUrl=&vid=28251668723258267651455343000V10&ovsid=eq8fD1Yn1PSXHp5
Request Chain 423
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=d326bf4a-524d-4a12-a331-37b53b8a3f0b
Request Chain 424
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3Dc6e62f36-eaa5-4e58-a311-dbcd5140d564%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=79d744cc6fe24036ab2c6a068d85954b&ssp=medianet&bsw_param=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=0&gdpr_consent=&gdpr_pd=1
Request Chain 425
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3258267651455343000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3258267651455343000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=4b8d9b64-53d4-4f79-93fa-38d551287687&cs=1
Request Chain 427
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=afe08c8f-46f3-496c-a20b-84defbb30b2a
Request Chain 429
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=29ec5ded-6c14-082e-3666-3033b0ef9207 HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=29ec5ded-6c14-082e-3666-3033b0ef9207&_li_chk=true&previous_uuid=bf75888df8174356972b53799b2d7307 HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=29ec5ded-6c14-082e-3666-3033b0ef9207&previous_uuid=64a97a7052b549818e7401fdee841239 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2442317008365535684 HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=bf75888d-f817-4356-972b-53799b2d7307&liid=&_ct=im HTTP 302
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=d4ef2024b634dbba07145fc3eebd21ce HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
Request Chain 433
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=85f714e3-4356-1769-83c9-87c61fb4132a HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=1hu1n1xg9wsxh
Request Chain 434
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=36d4b58c-09b4-0e11-0275-5774de4b5dd9&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0c48c9d650989fddea666d4e6c644aaf
Request Chain 435
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=9gwLVfJIi3GSlICC6WBpUg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 436
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=7e18644d-dfcd-4700-bae2-b858c123093b
Request Chain 437
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=6d11556c-0c75-4a73-9045-961f2df936d6
Request Chain 438
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=0&gdpr_consent=
Request Chain 439
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=afe08c8f-46f3-496c-a20b-84defbb30b2a&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 440
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODQ4NDM0NzMwMDE0NDE1NjMzNzIz HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKAfS0UdSF68aSgLGzoKvps&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 442
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODQ4NDM0NzMwMDE0NDE1NjMzNzIz
Request Chain 444
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=848434730014415633723&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d94e3e36-aa6a-4da3-952a-b658ff02d03e&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 446
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/848434730014415633723?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-nmrGilFE2oQJWyqG92LzZhur63lF0Lfo0Pe8bMViRw--~A&dongle=0883
Request Chain 447
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=jwXIqVn1CT_oIFbt1GHC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NJ3VQSLRKZXDCQ2UL5XUSRTCOQYUOSCD&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NJ3VQSLRKZXDCQ2UL5XUSRTCOQYUOSCD HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=jwXIqVn1CT_oIFbt1GHC
Request Chain 448
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6812978323417459240&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 452
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 453
  • https://ssc-cms.33across.com/ps/?_=1682825167009.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212153247736372
Request Chain 454
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=e4c9a5fb-e91c-4423-95aa-1eafdf37541b&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=c6e62f36-eaa5-4e58-a311-dbcd5140d564 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 455
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682825167009.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=7e18644d-dfcd-4700-bae2-b858c123093b
Request Chain 456
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-euVfw.1E2uEpJUQBo0PH1RBjKjliGv9q~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-euVfw.1E2uEpJUQBo0PH1RBjKjliGv9q%7EA&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 457
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4dafdbcae9d0068f&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAB2T8U3piDKgNch-4oAAAAAAA&expiration=1682911567&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB2T8U3piDKgNch-4oAAAAAAA&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 458
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=848434730014415633723 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=848434730014415633723&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 460
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&gdpr_consent=undefined&gdpr=0&khaos=LH2UNJ0D-11-I4FG HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
Request Chain 461
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://vpb-server.jwplayer.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&f=i&uid=GkKuZLZHmnzGdTVEQseo8o1p
Request Chain 462
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=LH2UNJ0D-11-I4FG HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH2UNJ0D-11-I4FG&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 472
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&us_privacy=1YNN HTTP 302
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=0&gdpr_consent=&us_privacy=1YNN HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAG0Mk7Im8AAACX0SAR5zg&ssp=themediagrid&gdpr=0&us_privacy=1YNN
Request Chain 475
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=6d11556c-0c75-4a73-9045-961f2df936d6&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 476
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 477
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185&dongle=4430
Request Chain 480
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2442317008365535684&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 482
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAG0Mk7Im8AAACX0SAR5zg&dongle=bzwx&gdpr=0
Request Chain 486
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 487
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=6237e64e-5b61-0e3c-1e65-d3f2cdd573ba
Request Chain 488
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-CV0nKTJE2uGNpSNEBwVnv0haG9k4iO4C~A
Request Chain 489
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a&ttl=1685417168
Request Chain 490
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH2UNJ0D-11-I4FG
Request Chain 491
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkUxMDAxQTctODM5QS00RUQ5LTg3NzgtNUI0MDBFOTcwREM4&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC7DbHen0P3Jr8OrdL6zMbo&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D2E1001A7-839A-4ED9-8778-5B400E970DC8 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=2E1001A7-839A-4ED9-8778-5B400E970DC8
Request Chain 492
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341
Request Chain 493
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-J5A_7IFE2uEPnEwkS6aquNupozOD.WsGM4nstTQ-~A
Request Chain 497
  • https://idsync.rlcdn.com/403716.gif?partner_uid=7rys0npxije17xsinzlp26wbt HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=56a0e8c59cc83973493f2346d42b002e5dd6947ce58ac8256811d3350336609e791426b5417dce21&_=2 HTTP 307
  • https://pippio.com/api/liveramp.com
Request Chain 500
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6812978323417459240
Request Chain 501
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB
Request Chain 502
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAG0Mk7Im8AAACX0SAR5zg&expiration=1684034768
Request Chain 503
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188715268096521
Request Chain 504
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=ED518F86BDFC4BD09DCABEFA949D728C
Request Chain 505
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3fzgAGdc7k6wBS
Request Chain 508
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 510
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0&khaos=LH2UNJ0D-11-I4FG HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
Request Chain 520
  • https://futureplc-com.videoplayerhub.com/galleryplayer.js HTTP 301
  • https://btloader.com/tag?h=futureplc-com&upapi=true
Request Chain 532
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3635329782389407799 HTTP 307
  • https://ml314.com/csync.ashx?fp=024cc078aec884c318d65e1b7f6c71876149f15d67b20a289b513722654e025cf4cb09cee1a4f8eb&person_id=3635329782389407799&eid=50082
Request Chain 533
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
Request Chain 534
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3635329782389407799 HTTP 302
  • https://ml314.com/csync.ashx?fp=c88c517ca66cae3c568bf3eaa3ba3d1f&eid=50146&person_id=3635329782389407799
Request Chain 535
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2WhdRtQ2Ev9Ba8mT8MEvcv8vd3qIIPmKfTT5kswRzXZc&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ml314.com/csync.ashx?fp=2WhdRtQ2Ev9Ba8mT8MEvcv8vd3qIIPmKfTT5kswRzXZc&person_id=3635329782389407799&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Request Chain 543
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12529%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.itpro.com%252Fsecurity%252F358153%252Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries%26hn_ver%3D40%26fid%3D8d307f5d-20a0-4c07-bcc7-f2b73a83cb99 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=6812978323417459240&pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&hn_ver=40&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
Request Chain 544
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99&google_gid=CAESEMNZhkBEGxzoQT67rRxx99c&google_cver=1
Request Chain 545
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D8d307f5d-20a0-4c07-bcc7-f2b73a83cb99 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2E1001A7-839A-4ED9-8778-5B400E970DC8&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
Request Chain 546
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=afe08c8f-46f3-496c-a20b-84defbb30b2a&dsp=TTD

539 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
www.itpro.com/security/358153/
Redirect Chain
  • https://www.itpro.co.uk/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
  • https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
515 KB
89 KB
Document
General
Full URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS:
Software: /
Resource Hash: 3d8f04bbd1fbfee993646d1d64ae0df7842105f4f58df03c92dc4b5a73183307
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60,public
content-encoding: br
content-length: 89457
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 03:26:01 GMT
expires: Tue, 02 May 2023 03:26:01 GMT
last-modified: Sun, 30 Apr 2023 03:26:01 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-age: 0
x-article-id: vafVdZvLf1pWPfcNrBFUK5
x-cache: MISS-CLUSTER
x-cache-hits: 0, 0
x-country-code: US
x-country-code-real: CA
x-frame-options: SAMEORIGIN
x-ftr-backend: varnish-leopard
x-ftr-backend-server: vanilla-leopard-http-cache-prod-01
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-ftr-cache-status: MISS
x-ftr-request-id: 2889b191-3393-4683-a191-7bd42990b9d9 00000000000000000000FFFF9D34453F:3500_00000000000000000000FFFFB9711938:01BB_644DDFC8_4274D37:3D4A63
x-modified-date: 1608119993
x-served-by: cache-lon4263-LON, cache-yul12833-YUL
x-timer: S1682825160.061534,VS0,VE1664
xkey: itpro-platform-responsive itpro-article-vafVdZvLf1pWPfcNrBFUK5 itpro-articletype-news itpro-articletemplate-standard itpro-article-age-ancient itpro-region-US itpro-language-en itpro-modifieddate-1608119993 itpro-author-h4BxUm74CHdvdSCU3TFWw4 itpro-tag-vNb4qjaerYmbxtvtC7vr17 itpro-tag-nRS3q9Hbwso6TtGimTsYdB itpro-article-extended-ttl-true itpro-flexi-page-guid-itpro_page_layout_news itpro-curatedlist-9ityrXgfTSfprh6HG4gK9c itpro-flexi-controller-FlexiPageLayout:index itpro-flexi-site-guid-itpro_en_us itpro-flexi-layout-news itpro-flexi-route-custom_route_1666094972 itpro-version-673941 itpro-server-phpfpm-78698468d4-hpr9x

Redirect headers

accept-ranges: bytes
cache-control: max-age=86400
content-length: 0
date: Sun, 30 Apr 2023 03:26:00 GMT
location: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
retry-after: 0
server: Varnish
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-cache: HIT-SYNTH
x-cache-hits: 0
x-served-by: cache-yul12833-YUL
x-timer: S1682825160.038072,VS0,VE0
zDMfot5kyySAUEmYNvBgSP-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/
24 KB
25 KB
Image
General
Full URL: https://cdn.mos.cms.futurecdn.net/zDMfot5kyySAUEmYNvBgSP-970-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS:
Software: Footprint Distributor V6.1.1162 /
Resource Hash: e8b458ee497c85c90fc8de6a9e1152e4594cd719f1b785904d4d30cb4e06e72c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.itpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:26:01 GMT
x-backend: default
x-svc-env: prod
age: 1503248
xkey: /proof/zDMfot5kyySAUEmYNvBgSP.jpg
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: mos_kodiak
x-ftr-cache-status: MISS
content-length: 24542
x-svc-build-time: Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer: bulk-proxy-1
x-served-by: kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id: 00000000:B53B_00000000:0050_6436EFB7_C4223:EEB9
x-svc-go-version: 1.17.8
server: Footprint Distributor V6.1.1162
etag: 5aa66f80e0783a5cfc13c991ce0e7276
x-svc-name: kodiak-mos-adapter-svc
vary: Origin
content-type: image/webp
x-ftr-backend-server: kube
cache-control: max-age=5184000
x-svc-version: latest
accept-ranges: bytes
expires: Sun, 11 Jun 2023 17:51:53 GMT
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/
122 KB
36 KB
Script
General
Full URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-8.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6edbf7efa384a9d4f15b08d8c9bab7b156db2f24a1849f34d6551a53ce1fd5c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:06:11 GMT
content-encoding
br
via
1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:35:02 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
1191
x-amz-server-side-encryption
AES256
etag
W/"42d1e9459103c32433cb7a2590755328"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
TrEKPeK5sGsyEAL0rmLPygKQBbf50w1g0WwoO2WXMntfqh7AMHSlDg==
externals.js
slice.vanilla.futurecdn.net/11-0-2/js/
128 KB
37 KB
Script
General
Full URL
https://slice.vanilla.futurecdn.net/11-0-2/js/externals.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d95b5088265f50a8f40fc6cd0faa5325c29bebe87fe81a85f969c23b278e3f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
480390
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
37133
x-served-by
cache-yul12829-YUL
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id
00000000000000000000FFFFA752A61C:62F8_00000000000000000000FFFFB9711932:01BB_64468B40_15324D8:96EBD
last-modified
Mon, 24 Apr 2023 10:01:12 GMT
x-timer
S1682825162.914534,VS0,VE0
etag
W/"1fe01-187b2b5d204"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
31963
promotion.min.css
search-api.fie.futurecdn.net/css/browser/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/
3 KB
877 B
Stylesheet
General
Full URL
https://search-api.fie.futurecdn.net/css/browser/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/promotion.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5e1b4b1df9b4fb4b4ba9cb1866789e3869004cdc8a624fc016e56139193a341
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
223400
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Fri, 26 Apr 2024 13:22:42 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon4236-LON, cache-yul12825-YUL
x-ftr-request-id
00000000:E9B2_00000000:01BB_644A7725_F49135:6C20
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682825162.805892,VS0,VE0
etag
W/"644a4d47-d45"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length
612
accept-ranges
bytes
x-cache-hits
3, 6393
itpro.min.css
search-api.fie.futurecdn.net/css/browser/
6 KB
2 KB
Stylesheet
General
Full URL
https://search-api.fie.futurecdn.net/css/browser/itpro.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7064d6d5294ef022f43efc7ff3123f4564e2c6919382895478efd2d37b702f23
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
759
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Sat, 29 Apr 2023 12:05:47 GMT
x-ftr-balancer
hawkproxyprodred
x-served-by
cache-lon420143-LON, cache-yul12825-YUL
x-ftr-request-id
00000000:99DC_00000000:01BB_644D03B8_38CF11D:7967
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682825162.805797,VS0,VE1
etag
W/"644a4d47-16fc"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
2001
accept-ranges
bytes
x-cache-hits
3, 1
responsive.js
search-api.fie.futurecdn.net/js/w/es6/
599 KB
161 KB
Script
General
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce74a00f821f7f857fd92a73485b1dc5fa7373c61ea04cf37c42921421d25ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
970
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Thu, 27 Apr 2023 16:27:45 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon420115-LON, cache-yul12822-YUL
x-ftr-request-id
00000000:D9CC_00000000:01BB_644A9DD1_A58849:6C1F
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682825162.806709,VS0,VE0
etag
W/"644a4d47-95acf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
164571
accept-ranges
bytes
x-cache-hits
8, 1237
responsive.min.css
search-api.fie.futurecdn.net/css/browser/
234 KB
20 KB
Stylesheet
General
Full URL
https://search-api.fie.futurecdn.net/css/browser/responsive.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c08f9e0842df5d56fbf57b1b606d35a70ad354f3b57b6066635082452b3ac90
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
467
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Thu, 27 Apr 2023 14:15:45 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon420116-LON, cache-yul12825-YUL
x-ftr-request-id
00000000:FAB4_00000000:01BB_644A7EDF_5DFBEC:6C1E
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682825162.805724,VS0,VE0
etag
W/"644a4d47-3a800"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
19931
accept-ranges
bytes
x-cache-hits
9, 11
flexisites.min.css
vanilla.futurecdn.net/itpro/673941/media/css/
359 KB
49 KB
Stylesheet
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/css/flexisites.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8284038fcb9666bd9258d31b8d762d2728cc1a565d30f6f71ed9e32d3e57d891
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131691
x-ftr-dc
uk-lon1
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
49449
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:73D3_00000000:0050_644BDD5F_67ED9:2EBA
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 15:15:29 GMT
missing-image.svg
vanilla.futurecdn.net/itpro/media/img/
274 B
866 B
Image
General
Full URL
https://vanilla.futurecdn.net/itpro/media/img/missing-image.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
bea62015bf6a41d5e8d0dd77fdb6be95b7027a157fce018a452194afd6073b47
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1533093
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
208
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:D4C6_00000000:0050_64367B23_326130:0352
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:34:29 GMT
6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/
920 KB
268 KB
Script
General
Full URL
https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09979f555298f71322a12b9259094d8cf3bc9e381a2413fdde14e69da62ec28c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
6093eccf-6734-4877-ac8b-83d6d0e27b46
age
0
x-guploader-uploadid
ADPycdtJouwu9P4QUKZCduFTAN5W7H8fT8qm8LN4ayK6wIW9sgMxLNsgiwr12kAnV4SOZ0kZvBnfD1c2EjeWLBr6AT0XTuwzEPw0
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 28 Apr 2023 13:25:03 GMT
server
cloudflare
etag
W/"675d43e148caf88b4ec6310636cd3069"
vary
Accept-Encoding
x-goog-generation
1682688303194256
content-type
application/javascript
x-goog-hash
crc32c=p5mNNw==, md5=Z11D4UjK+ItOxjEGNs0waQ==
cache-control
public, max-age=900
x-goog-stored-content-length
296521
timing-allow-origin
*
cf-ray
7bfcae4e0d1a7156-YUL
expires
Sun, 30 Apr 2023 03:41:01 GMT
freyr.js
freyr.futurecdn.net/
71 KB
18 KB
Script
General
Full URL
https://freyr.futurecdn.net/freyr.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
63db600caaa5335f3270ba4ea9169793c61c827299e3d5b82521ae98d3f76cc0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 24 Apr 2023 13:39:01 GMT
etag
W/"64468675-11b38"
freyr-version
6.1.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hw
1682825161.cds246.dc2.hn,1682825161.cds214.dc2.c
cache-control
max-age=1206
accept-ranges
bytes
content-length
17808
US.svg
vanilla.futurecdn.net/itpro/media/shared/img/flags/nosize/
3 KB
1 KB
Image
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/img/flags/nosize/US.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
c0a177730664a02710981330dacbe32e843153f32945016aa1e7b377ed4f9819
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1533094
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
424
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:50E4_00000000:0050_64367B24_30E618:0351
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:34:28 GMT
missing-image.svg
www.itpro.com/media/img/
274 B
740 B
Image
General
Full URL
https://www.itpro.com/media/img/missing-image.svg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bea62015bf6a41d5e8d0dd77fdb6be95b7027a157fce018a452194afd6073b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Fri, 12 May 2023 09:34:28 GMT
date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
1533093
x-cache
HIT
x-ftr-backend
varnish-leopard
x-age
0
x-ftr-cache-status
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
206
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-served-by
cache-lon4276-LON, cache-yul12833-YUL
x-ftr-request-id
00000000000000000000FFFF9D344529:7EB6_00000000000000000000FFFFB9711932:01BB_64367B24_1818454:35E8C9
last-modified
Tue, 11 Apr 2023 14:26:42 GMT
x-country-code-real
CA
x-timer
S1682825162.879443,VS0,VE0
etag
"64356e22-112"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-ftr-backend-server
vanilla-leopard-http-cache-prod-02
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-country-code
US
x-cache-hits
370, 30
hawklinks.js
search-api.fie.futurecdn.net/hl/es6/
201 KB
51 KB
Script
General
Full URL
https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2bb1b8c31850a3f853a52dc7b42408fe48a3ba47646635a8c03cbaa44697992d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
756
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Tue, 25 Apr 2023 05:28:58 GMT
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon420134-LON, cache-yul12822-YUL
x-ftr-request-id
00000000:FD30_00000000:01BB_64476069_1A74A3:0543
last-modified
Mon, 27 Mar 2023 11:07:55 GMT
x-timer
S1682825162.879653,VS0,VE0
etag
W/"6421790b-325fd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length
52066
accept-ranges
bytes
x-cache-hits
14, 33
p.js
cdn.parsely.com/keys/itpro.com/
50 KB
19 KB
Script
General
Full URL
https://cdn.parsely.com/keys/itpro.com/p.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
bcbdd7d7e74de830df279c0d2483873aa056f06c6991b6a7201af89b0c9195ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Apr 2023 10:30:30 GMT
content-encoding
gzip
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 19:21:25 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
61240
etag
W/"619404b5-c8a9"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
6vZQGWk9Z7zMbgppUcv7AnU9xfgUTxcDlmfZB63l6EKdL3BIlUr9BQ==
expires
Sun, 30 Apr 2023 10:25:21 GMT
flexisites.woff
vanilla.futurecdn.net/itpro/673941/media/fonts/
7 KB
8 KB
Font
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/fonts/flexisites.woff
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.29.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
2c6d13081750bfcfb93cb02b49b291d1055d5ec08d4e2e7ea8205b089c0ab390
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131691
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
7037
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:7F62_00000000:0050_644BDD5E_760FB:2CD0
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
bordeaux.js
bordeaux.futurecdn.net/
294 KB
81 KB
Script
General
Full URL
https://bordeaux.futurecdn.net/bordeaux.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
523a160b94aa60d4440a0f0cfcab996ea5af037a3be307f6a05c2f8d56ec7dc8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
gzip
bordeaux-version
latest
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 27 Mar 2023 14:21:15 GMT
etag
W/"6421a65b-499f6"
x-hw
1682825161.cds080.dc2.hn,1682825161.cds215.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
82967
champagne.js
champagne.futurecdn.net/
43 KB
15 KB
Script
General
Full URL
https://champagne.futurecdn.net/champagne.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
fde3958fc7b3011078e5ee89f3eadb030b67d8c4592204641fb8d2063bf1ec2c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:01 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 15:30:00 GMT
champagne-version
latest
etag
W/"6388c878-aa0c"
x-hw
1682825161.cds010.dc2.hn,1682825161.cds225.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
14695
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 03:22:23 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
218
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 30 Apr 2023 05:22:23 GMT
door.js
uk-script.dotmetrics.net/
10 KB
4 KB
Script
General
Full URL
https://uk-script.dotmetrics.net/door.js?d=www.itpro.com&t=itprous
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-91.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
3584f93195a7ed781e096a86602ea6f64f9ae572abfa3f2c66131dc7a1c1e4c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
br
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
etag
".www.itpro.com.itprous.224.2023043003"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
08AW3SGVHA17jOWpnH02-g11Qc81tAZSS4w5VQ56hJzWiUO18oWVVA==
flexi.js
vanilla.futurecdn.net/itpro/673941/media/shared/js/
126 KB
39 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/js/flexi.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
89b70d3b42eeb21714ce9cd514bd659a16f36c8d46732e0c691e3607301ef903
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131691
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
38929
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:EBCE_00000000:0050_644BDD5D_1BD4F4:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
OpenSans-400-Regular.woff2
vanilla.futurecdn.net/itpro/673941/media/shared/fonts/
16 KB
17 KB
Font
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/fonts/OpenSans-400-Regular.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.29.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131691
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
16743
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:EBD8_00000000:0050_644BDD5F_1BD51A:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 15:15:29 GMT
OpenSans-700-Bold.woff2
vanilla.futurecdn.net/itpro/673941/media/shared/fonts/
16 KB
17 KB
Font
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/fonts/OpenSans-700-Bold.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.29.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131691
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
16383
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:7697_00000000:0050_644BDD5F_A3CF0:2CD1
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 15:06:30 GMT
OpenSans-600-SemiBold.woff2
vanilla.futurecdn.net/itpro/673941/media/shared/fonts/
16 KB
17 KB
Font
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/fonts/OpenSans-600-SemiBold.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.29.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131691
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
16819
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:A879_00000000:0050_644BDD5E_1BD4F5:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
OpenSans-300-Light.woff2
vanilla.futurecdn.net/itpro/673941/media/shared/fonts/
16 KB
17 KB
Font
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/fonts/OpenSans-300-Light.woff2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.29.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itpro.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131691
x-ftr-dc
uk-lon1
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
16835
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:73DD_00000000:0050_644BDD5F_67EE8:2EBA
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
main.abcefa329387d8fe88e2.bundle.js
vanilla.futurecdn.net/itpro/673941/media/shared/js/
321 KB
84 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
2ddc632c3a86aacb7dd2c6da2c0f1fd61e7e7ccdc74f310aae2cc85342cf7d3a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131691
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
85122
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:6F45_00000000:0050_644BDD5F_1BD51B:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
itpro.min.css
vanilla.futurecdn.net/itpro/673941/media/css/
159 B
780 B
Stylesheet
General
Full URL
https://vanilla.futurecdn.net/itpro/673941/media/css/itpro.min.css
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
42659e10606682c6ced7d1c1a7b3fa923e173a60bece08b86acb5f4882111b7b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
131714
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
114
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:DA11_00000000:0050_644BDD48_1BD2BB:2CD3
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Sun, 28 May 2023 14:51:11 GMT
hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
mos.fie.futurecdn.net/logos/models/
14 KB
14 KB
Image
General
Full URL
https://mos.fie.futurecdn.net/logos/models/hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
x-ftr-cache-resized-status
MISS
age
287341
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos
content-length
14272
x-ftr-balancer
bulkproxyprodred
x-ftr-request-id
00000000:A89F_00000000:0050_5FA6F75D_383AF9:0C4B
last-modified
Thu, 29 Oct 2020 21:40:57 GMT
server
nginx
etag
"8d6a8139d9085d797db649ca8cd161d5"
content-type
image/jpeg
x-ftr-backend-server
mos05
cache-control
max-age=2592000
accept-ranges
bytes
x-ftr-cache-host
moscache05
expires
Fri, 26 May 2023 19:37:05 GMT
ccpa.76009a2b49e794158c69.bundle.js
cdn.privacy-mgmt.com/unified/4.8.0/
12 KB
4 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.8.0/ccpa.76009a2b49e794158c69.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f724988664f7ff40306c2ae90a9e2b74521fbf937dce65fbc4ad9964008cb083

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:37:00 GMT
content-encoding
br
via
1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 14:54:00 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
42543
x-amz-server-side-encryption
AES256
etag
W/"a8966a38a0762b86f1b8b67f4adaa091"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
yn42GXhVUN-BLzCy87R-yUuT-WWsSIX3KcXibGSr8-s1mELSVxUECw==
gdpr-tcf.c5f25289dc007b62e8a5.bundle.js
cdn.privacy-mgmt.com/unified/4.8.0/
86 KB
18 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.8.0/gdpr-tcf.c5f25289dc007b62e8a5.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc9e81999967e8bfe66b3337896a3401cc0ed306c99243b4924207df749a012e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:37:00 GMT
content-encoding
br
via
1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 14:54:00 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
42543
x-amz-server-side-encryption
AES256
etag
W/"15f3926a82b36fd8dad9dee4b7bc2b9c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
CujLyufGYToWXlVPedTUFEEI06K2rf7AW_lFf1fNVwNza3MVBjRHxw==
get_site_data
cdn.privacy-mgmt.com/mms/v2/
203 B
1 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&account_id=200
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/
Resource Hash
d759b229df277a372ecc833c0e5fe07ea087e7401077b7b8c5243d1849d7980d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-21-251
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
YpxNOA9iRbS8S0PpqC2bdW0AzYC-kyHk_-TyRRcJpWjsYPzOX_S8AQ==
publisher:getClientId
ampcid.google.com/v1/
74 B
438 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1682825162408&plid=96172272&idsite=itpro.com&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&sref=&sts=1682825162401&slts=0&title=Microsoft+blocks+customer+access+to+malicious+SolarWinds+binaries+%7C+ITPro&date=Sun+Apr+30+2023+03%3A26%3A02+GMT%2B0000+(GMT)&action=pageview&pvid=87938291&u=pid%3D3c38b6f973411746374fd2aee9fcf28e
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:02 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 30-Apr-2023 03:26:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
hybrid_id
ads.servebom.com/
43 B
352 B
Fetch
General
Full URL
https://ads.servebom.com/hybrid_id
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
03e7ec360ad4fe34905cf24aaff6120e839790a8d4db20d1ea66ba0e0d016fb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://www.itpro.com
date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
69
x-hw
1682825162.cds004.dc2.hn,1682825162.cds004.dc2.sc,1682825162.cds004.dc2.p
content-type
application/json
/
sommelier.futurehybrid.tech/config/
11 KB
3 KB
Fetch
General
Full URL
https://sommelier.futurehybrid.tech/config/?r=981&tpl=article&l=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&sw=1600
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.227.167.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-167-161.compute-1.amazonaws.com
Software
/
Resource Hash
d0f92e2c1f3b042de55c25d08d1a75b685dbe844cc1318b5d30395c301dc1001
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:02 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
meta-data
cdn.privacy-mgmt.com/wrapper/v2/
299 B
834 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=200&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=30869&ch=null&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
d124fa8b2c0be98fe3f3a41ce3de48ecb4f74fbba4cbe4d76b258f205198ea71
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 03:13:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
741
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
299
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
Mhd7HSOkwQHcdvi2usEX2QVHm8jPq-gLSiue7MCoq-40Pi6iYNwWlw==
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=200&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=30869&ch=null&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
741
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 30 Apr 2023 03:13:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-id
HAGuNjx3jC_r2-slN7zrwH60RgzryYUzB20vHbgPKl_IXGLVFTW05Q==
x-amz-cf-pop
JFK50-P7
x-cache
Hit from cloudfront
x-powered-by
Express
translations.php
search-api.fie.futurecdn.net/
32 KB
11 KB
Fetch
General
Full URL
https://search-api.fie.futurecdn.net/translations.php?language=en-CA
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95c832d87d667c2fffc317d8723616f857790b346aa0b493d37cb9bd6d145cdd
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
847
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
10408
x-ftr-expires
Sun, 30 Apr 2023 03:31:54 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-36
x-served-by
cache-lon420111-LON, cache-yul12824-YUL
x-ftr-request-id
00000000:6212_00000000:01BB_644DDC7A_14F1858:5C9D
x-timer
S1682825163.650700,VS0,VE0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
5, 32
publisher:getClientId
ampcid.google.ca/v1/
3 B
367 B
XHR
General
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
ebf6d146-4099-41b4-a677-743c174652f2
https://www.itpro.com/
553 KB
0
Other
General
Full URL
blob:https://www.itpro.com/ebf6d146-4099-41b4-a677-743c174652f2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6c79b5559654c57bb181aebc74a4687abf0d9f5e64fd75ddaf9b612ee829e7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
565950
Content-Type
gallery.e0bbe329a8970e4177fe.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
15 KB
6 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/gallery.e0bbe329a8970e4177fe.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
704f059368f40ccce9f9cdb4f069e9cee17a6a12d4900f2391e5ac2ac7e8ddbe
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1533093
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
5041
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:7879_00000000:0050_64367B24_404AC4:0354
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:39:07 GMT
enlarge-images.1a0d0c1fecb4acb0fef3.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
1 KB
1 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/enlarge-images.1a0d0c1fecb4acb0fef3.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
b0bcb9d0b9aec08cf95a638e8f7fa24ac816a914681cab567d4718e6af416616
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1533093
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
778
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:5106_00000000:0050_64367B25_404AD2:0354
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:34:29 GMT
fancy-box-resize.5a260cb5f1fd5d018fa5.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
2 KB
2 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/fancy-box-resize.5a260cb5f1fd5d018fa5.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
3e65844ea3621494ec26acac0bed8f9d8caf18155dd94017baee84d41563041d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1533093
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
869
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:C678_00000000:0050_64367B25_326142:0352
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:39:07 GMT
topics.71b67ce542657ad41ca9.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
813 B
1 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/topics.71b67ce542657ad41ca9.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
db20b4846e1b03778300d634e1a0a14cf4627c5a9baeca0a2032bff4a151e5ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
1533093
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
487
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:510A_00000000:0050_64367B25_326145:0352
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Fri, 12 May 2023 09:50:06 GMT
jwplayer-analytics.f09c837d4cf317bc6b66.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
3 KB
2 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-analytics.f09c837d4cf317bc6b66.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
beec51606224f8fcc9f2cd7f9ce7da689352c54d81696a83ff950e3599860e34
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982198
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
1388
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:C5B1_00000000:0050_643EE314_15552CE:383E
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:53:25 GMT
jwplayer-autopause.2f0709ed947cc688d5b6.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
1 KB
1 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-autopause.2f0709ed947cc688d5b6.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
522d33efcc61e39de38c61930d72f4d7352fb72b03b8641f0886d149b7a57b2c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982198
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
657
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:A568_00000000:0050_643EE312_15552CA:383E
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
jwplayer-sticky-desktop.147dc0f8715e81aca16a.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
5 KB
3 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-desktop.147dc0f8715e81aca16a.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
2834f0efb72fb53a5fec863e6033556ede826fcf1a8b25757768fad523ff1dd6
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982133
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
2106
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:5183_00000000:0050_643EE352_23F58D6:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:53:24 GMT
jwplayer-sticky-mobile-editorial.78fd747e13679ab691cf.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
8 KB
3 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-mobile-editorial.78fd747e13679ab691cf.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
5c5f0a61fbd5ffbf05e1585883a4c1264f396517cf5dc46a68bb0529230ae499
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982128
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
2887
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:B530_00000000:0050_643EE359_6136FC:0352
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
jwplayer-unmute.1f3f44a98f862518aab2.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
2 KB
2 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-unmute.1f3f44a98f862518aab2.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
dde4edf8dc06e4c94cc42039e1dcef86bfc3114f550b9c6e6dcf3430a748990c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982199
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
1223
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:E2C2_00000000:0050_643EE312_69A234:0353
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:53:25 GMT
jwplayer-carousel-desktop-responsive.ba6ba5c75457b16c3d7c.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
10 KB
4 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-desktop-responsive.ba6ba5c75457b16c3d7c.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
aaf6cd6b0a06166fdca3a5bf8dbbfe08dc2418c7b3bc4594c16bd5b2bbe3764a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982194
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
3731
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:A0CB_00000000:0050_643EE318_23F5718:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:53:25 GMT
jwplayer-carousel-mobile-responsive.f91cccb9d9c4b32015ed.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
20 KB
6 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-mobile-responsive.f91cccb9d9c4b32015ed.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
7c3268909cac296c2ddd0fe17f4c92c4eabcdce66304365c02a99249e113fdf3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982194
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
5591
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:506F_00000000:0050_643EE316_23F5700:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
table-scroll.de29431e22229a66494f.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
3 KB
2 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/table-scroll.de29431e22229a66494f.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
1ca312ab70201beee7a8aff0f20264fb1ad5fa37fe08d558d0f248259396bf9b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982195
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
1415
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprod01
x-ftr-request-id
00000000:A2DC_00000000:0050_643EE317_69A23E:0353
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 23:01:48 GMT
embed-resize.7f2210cf371ab2fd9e1e.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
1 KB
1 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/embed-resize.7f2210cf371ab2fd9e1e.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
32bedf4fc89a1f0d1716659793930f2dfe6062b7fc1375ed620086811abd3019
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982195
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
673
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:67E2_00000000:0050_643EE316_23F5705:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
open-ahead-embeds.fb0f658d8327004e8e27.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
2 KB
2 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/open-ahead-embeds.fb0f658d8327004e8e27.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
f28e998e72341f6e22102995edbda874f24f6c454ef90c4055d05c4643d45e2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982197
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
867
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:AE1F_00000000:0050_643EE311_23F56E2:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
suggestion-box.475bccaf934ab20cb47d.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
19 KB
3 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/suggestion-box.475bccaf934ab20cb47d.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
349f3e2de5639697a9374bd7bc7eef5bf6f89436d74e6fdacd59424c1e050f1e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982195
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
2815
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:C5B1_00000000:0050_643EE314_15552D1:383E
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
nav-subscribe.3a2570e6f67fc78f8bcb.chunk.js
vanilla.futurecdn.net/itpro/media/shared/js/
2 KB
2 KB
Script
General
Full URL
https://vanilla.futurecdn.net/itpro/media/shared/js/nav-subscribe.3a2570e6f67fc78f8bcb.chunk.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
e1b1d09e3cad033741bdeb24f33f0e5e41720e514e26b948dd39adb93e94f04e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket
van-ass-prod
strict-transport-security
max-age=31536000; includeSubDomains
age
982197
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
van-prod
content-length
1001
x-xss-protection
1; mode=block
x-ftr-balancer
webproxyprodred
x-ftr-request-id
00000000:5049_00000000:0050_643EE312_23F56E6:383F
referrer-policy
no-referrer-when-downgrade
server
Footprint Distributor V6.1.1162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-smartersafe-version
expires
Thu, 18 May 2023 18:47:15 GMT
xzv2Re2dhcgVXQHFsQJabg-1200-80.png.webp
cdn.mos.cms.futurecdn.net/
34 KB
35 KB
Image
General
Full URL
https://cdn.mos.cms.futurecdn.net/xzv2Re2dhcgVXQHFsQJabg-1200-80.png.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
6fbaf2336408c342199cb374b13009e6b7f5d51f8b3fc4d6737eb091b4316b18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
x-backend
default
x-svc-env
prod
age
1532901
xkey
/proof/xzv2Re2dhcgVXQHFsQJabg.png
x-ftr-dc
uk-lon2
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
35000
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulk-proxy-1
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:AB03_00000000:0050_64367BE2_590BB:EEB9
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
5ae1501a520fde7dae79190ef03eae36
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 11 Jun 2023 10:09:57 GMT
LXUGMsM76TZFUMCwm9Eu27-1200-80.png.webp
cdn.mos.cms.futurecdn.net/
26 KB
27 KB
Image
General
Full URL
https://cdn.mos.cms.futurecdn.net/LXUGMsM76TZFUMCwm9Eu27-1200-80.png.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
aae46588e22c3f48aba79a31219636b6ba9f4797b400f3e78f35e75b353607c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
x-backend
default
x-svc-env
prod
age
1089273
xkey
/proof/LXUGMsM76TZFUMCwm9Eu27.png
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
26722
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulkproxyprodred
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:51F8_00000000:0050_643D40D0_4B34E3:34F7
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
baf744fbd88013abd7e72fabf57bbc72
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Fri, 16 Jun 2023 12:56:08 GMT
SCSrRdpJBGc6DocBHHS8jg-1200-80.png.webp
cdn.mos.cms.futurecdn.net/
22 KB
23 KB
Image
General
Full URL
https://cdn.mos.cms.futurecdn.net/SCSrRdpJBGc6DocBHHS8jg-1200-80.png.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
28bc2280781d820509c72c551b779595cbd4a74126bb376d8feebd06a9b572f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
x-backend
default
x-svc-env
prod
age
1533015
xkey
/proof/SCSrRdpJBGc6DocBHHS8jg.png
x-ftr-dc
IX
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
22738
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulkproxyprodred
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:B7DA_00000000:0050_64367B71_52889:69B8
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
190399c8753dd8bc54009c1d20a7f1d4
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sun, 11 Jun 2023 09:38:07 GMT
aF9mPAcoG5EZwNgo6gNUBh-1200-80.jpg.webp
cdn.mos.cms.futurecdn.net/
17 KB
18 KB
Image
General
Full URL
https://cdn.mos.cms.futurecdn.net/aF9mPAcoG5EZwNgo6gNUBh-1200-80.jpg.webp
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.240.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8fc3f5c6ae75700026ae34a5f17d10c0814ff5703357e4e36fc7d29ff2abbb67

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
x-backend
default
x-svc-env
prod
age
988255
xkey
/proof/aF9mPAcoG5EZwNgo6gNUBh.jpg
x-ftr-dc
uk-lon2
x-ftr-realm
pip
x-ftr-backend
mos_kodiak
x-ftr-cache-status
MISS
content-length
17770
x-svc-build-time
Tue Mar 21 16:09:25 UTC 2023
x-ftr-balancer
bulk-proxy-1
x-served-by
kodiak-varnish-65848cc5d7-4ckmv
x-ftr-request-id
00000000:A2B1_00000000:0050_643ECB68_635C2F:11D88
x-svc-go-version
1.17.8
server
Footprint Distributor V6.1.1162
etag
b89f1caab0a2f696f1a8e556466b9088
x-svc-name
kodiak-mos-adapter-svc
vary
Origin
content-type
image/webp
x-ftr-backend-server
kube
cache-control
max-age=5184000
x-svc-version
latest
accept-ranges
bytes
expires
Sat, 17 Jun 2023 16:59:14 GMT
localeSelector.js
slice.vanilla.futurecdn.net/11-0-2/js/
24 KB
7 KB
Script
General
Full URL
https://slice.vanilla.futurecdn.net/11-0-2/js/localeSelector.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eed684f280f990b072c6578a25b58f40da97c72120c8863ca5e21991a7ab1067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
480366
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7216
x-served-by
cache-yul12829-YUL
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id
00000000000000000000FFFFA752A619:CC12_00000000000000000000FFFFB9711932:01BB_64468B5C_1537208:96EBD
last-modified
Mon, 24 Apr 2023 10:01:12 GMT
x-timer
S1682825163.694665,VS0,VE0
etag
W/"5f41-187b2b5d208"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
21446
regionRedirectBanner.js
slice.vanilla.futurecdn.net/11-0-2/js/
4 KB
2 KB
Script
General
Full URL
https://slice.vanilla.futurecdn.net/11-0-2/js/regionRedirectBanner.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be6df29fec7557868e70308f8e4c492a8e941e0c44b6f88ce6176021b1ea257c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
480366
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1521
x-served-by
cache-yul12829-YUL
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id
00000000000000000000FFFFA752A618:F1F6_00000000000000000000FFFFB9711932:01BB_64468B5C_1537209:96EBD
last-modified
Mon, 24 Apr 2023 10:01:12 GMT
x-timer
S1682825163.723398,VS0,VE0
etag
W/"e78-187b2b5d208"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
23587
popularBox.js
slice.vanilla.futurecdn.net/11-0-2/js/
14 KB
5 KB
Script
General
Full URL
https://slice.vanilla.futurecdn.net/11-0-2/js/popularBox.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e25463f998d8185abfd114fc94abb218682898b619c3d3721adf375ffb95b162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31536000
age
480209
x-cache
HIT
x-ftr-backend
van-prod
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4532
x-served-by
cache-yul12829-YUL
x-ftr-balancer
vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id
00000000000000000000FFFFA752A617:3D9A_00000000000000000000FFFFB9711932:01BB_64468BFA_1551E7D:96EBD
last-modified
Mon, 24 Apr 2023 10:01:12 GMT
x-timer
S1682825163.723568,VS0,VE0
etag
W/"36a1-187b2b5d208"
vary
accept-encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ftr-backend-server
http.van-prod
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
7932
messages
cdn.privacy-mgmt.com/wrapper/v2/
1 KB
1 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A200%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
828d6ee308a5f4de2313a650decbfaf8774938dc7c9e78f1686892ea622fbc2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 03:26:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
rm2EAKwiYmMiPrlYI-WySUU2q-mIrpODzpXROXAcVO2Ip6-mkCGRqA==
messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A200%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 30 Apr 2023 03:26:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-id
9vYb-WVwxVkpSrzIvQDCwAo7HWnG5HapBV3qh-LlM7Km4Uht42qcsQ==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
x-powered-by
Express
collect
stats.g.doubleclick.net/j/
4 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1011119-1&cid=955708892.1682825163&jid=604446450&gjid=1048551510&_gid=1614910450.1682825163&_u=YGBAgEABBAQCAEAAI~&z=890973534
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 30 Apr 2023 03:26:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=825535187&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&ul=en-us&de=UTF-8&dt=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAQCAAAAI~&jid=604446450&gjid=1048551510&cid=955708892.1682825163&tid=UA-1011119-1&_gid=1614910450.1682825163&cd57=null&cd40=Microsoft&cd41=SolarWinds%7CMicrosoft_Office%7CMicrosoft_365%7CBinary_file%7CComputer_security&cd42=SolarWinds&cd43=Microsoft%7CTrellix%7CFederal_government_of_the_United_States&cd45=Microsoft&cd46=Enterprise_Security&cd47=Microsoft_blocks_customer_access_to_malicious_SolarWinds_binaries&cd50=5&cd51=false&cd58=Enterprise_Security%7CMalware%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd5=itpro-pages-358153&cd7=keumars_afifi-sabet&cd99=0&cd128=16-12-2020&cd1=news&cd2=&cd3=malware%7Csecurity&cd6=%7Centerprise_security%7Caccess-metered%7Cserversidehawk&cd8=16-12-2020&cd27=673941&cd33=text%2Ctext%2Ctext%2Cembed%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext&cd53=2020-12-16T11%3A59%3A53Z&cd61=pageLoad&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS&cd134=accessmetered%7Cserversidehawk&cd31=10&cd30=4g&cd70=SIGNUP%20-%20Side%20Bar%3A1&z=226531935
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 09:26:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64788
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
merchant-domains.php
search-api.fie.future.net.uk/
565 KB
97 KB
Fetch
General
Full URL
https://search-api.fie.future.net.uk/merchant-domains.php?site=ITPROUS
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.113.25.53 London, United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
Software
/
Resource Hash
6ed37e8ff4b515fb0c9ba90d1dc4a85c241994a7a454efa001209660d67c5778

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:13:22 GMT
Content-Encoding
gzip
X-Hawk-Country
Age
760
X-Hawk-Area
CA
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-api
X-FTR-Cache-Status
HIT
Content-Length
98722
X-FTR-Expires
Sun, 30 Apr 2023 03:33:22 GMT
X-FTR-Balancer
hawkproxyprodblue
X-FTR-Request-ID
00000000:BBD0_00000000:01BB_644DDFCB_1F0CDFA:6C20
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8;
Access-Control-Allow-Origin
*
X-FTR-Backend-Server
fievarnishprodred
Cache-Control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.itpro.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 03:26:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-id
9jSLT2JHwiX1GVq9xXf42wG259TCaiVUUFYV43bodOd2ao5AWD68oQ==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.itpro.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 03:26:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-id
1Z8_tUnQeOvICFvs9qZlnDHgSX2yTDOU5Neg9IKjdwIsd5EIGTroxw==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
x-powered-by
Express
fbevents.js
connect.facebook.net/en_US/
108 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1288df0a77810a31168d5f3cca4d5e22aad4886b3930ee08595b4c589c490ea9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 30 Apr 2023 03:26:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27911
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
20MVuzLWlJJW20hePq8a0LdDEH3/Anev1xdCaoatCjQ2HysN2B+LRa8ASHoCtmkCObc79q27p8MCCreB+K0ung==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1460883810
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
hit.gif
uk-script.dotmetrics.net/
43 B
1 KB
Image
General
Full URL
https://uk-script.dotmetrics.net/hit.gif?id=12368&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&dom=www.itpro.com&r=1682825162970&pvs=1&pvid=21834c7d-1f9f-4390-b9f1-c3d610a13b01&c=true&tzOffset=0&doorUrl=http%3a%2f%2fuk-script.dotmetrics.net%2fdoor.js%3fd%3dwww.itpro.com%26t%3ditprous
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-91.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
dotmetrics-hit-status
01 OK
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
N_aKiXER0sfyruek1b_9c1QfeRNkOYlPrBe19RmIe8PwSsg6qRq3Ag==
hit.gif
rm-script.dotmetrics.net/
807 B
1 KB
Image
General
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=12368&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&dom=www.itpro.com&r=1682825162970&pvs=1&pvid=21834c7d-1f9f-4390-b9f1-c3d610a13b01&c=true&tzOffset=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2507:4400:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:26:48 GMT
via
1.1 7d45df102f7d9d8d1e751494b7de13ac.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
ORD58-P7
age
61156
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
tkKg2QNs10MROAofr1t5VWlXz3d0WJX94BLhvXVOEd4gqM6J6WcDgA==
pv-data
cdn.privacy-mgmt.com/wrapper/v2/
190 B
725 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
8da2df2e6263a874b5548303460f8673f55a9948c84fe3efb6b4c85f25b9ecde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
190
x-amz-cf-id
bv3n3RiN8mZPnAtvDWJcS03UUXCJgXA7Fai4A2_a19iPHx_l1BaAIQ==
pv-data
cdn.privacy-mgmt.com/wrapper/v2/
195 B
730 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=412849145418297616ee16&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-8.jfk50.r.cloudfront.net
Software
/ Express
Resource Hash
fd5ca9b5e63c1931e62e35da36cabcc4089e3cc0f2d575be240fbbbdb37f5e3c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
195
x-amz-cf-id
UE0PwY2M_NA-ve_PMUkdsghc9_TwUowhCtWNwO2oXkm8g6I6NsAsng==
YYRngYhb
cdn.jwplayer.com/v2/playlists/
43 KB
6 KB
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/YYRngYhb
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-mobile-responsive.f91cccb9d9c4b32015ed.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:a200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
fa9024748ea13aa5247fdd873dd053d6b9e00232e5de9e449f06448aafe84ad5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
gzip
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
6272
x-amz-cf-id
FZ40AINhjeBq3WELItVG5oB3i58oaNiTl9dPqIgLE4Ht2VsKYH_QFA==
expires
Sun, 30 Apr 2023 03:29:03
aWeJUC35.js
content.jwplatform.com/libraries/
119 KB
44 KB
Script
General
Full URL
https://content.jwplatform.com/libraries/aWeJUC35.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-carousel-mobile-responsive.f91cccb9d9c4b32015ed.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
bea24d6d6fbe66b16ddd45a09e5d4d575c4a2a72c1c837b33d6b1c4948f055b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
gzip
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
44667
x-amz-cf-id
K671jMs_DX8FZt4nUxTYxv6gXt3jrp1kGQ0GM42RLXSWCHbXOIo1eA==
pxid
6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co/v2.0/
46 B
393 B
XHR
General
Full URL
https://6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co/v2.0/pxid?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
714005341a2586e849c2b3d373b309609644242f316a359c43ed296730ae956e

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/
11 B
817 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:03 GMT
AN-X-Request-Uuid
610671c2-4919-4105-8815-c060c17fe86e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.itpro.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6093eccf-6734-4877-ac8b-83d6d0e27b46-models.bin
cdn.permutive.com/models/v2/
284 KB
197 KB
XHR
General
Full URL
https://cdn.permutive.com/models/v2/6093eccf-6734-4877-ac8b-83d6d0e27b46-models.bin
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16d16160bebde74a854d1fc23e9aa6cd2d4c23ab066cf5fd69a894a3cdf0e73a

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
6093eccf-6734-4877-ac8b-83d6d0e27b46
age
0
x-guploader-uploadid
ADPycdt8Ob9ybSIa8V7uARYji5GZ6fa2Kwus2SF81r3EkqipKVdfxBQ53jLXm_qRyK8rHynaS51WyexV_joj1Phb29wqXdneXVtL
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
200595
last-modified
Sat, 29 Apr 2023 06:02:27 GMT
server
cloudflare
etag
"dd49a856daa0c9cbee269875df008577"
vary
Accept-Encoding
x-goog-generation
1682748147452882
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=/zV9mg==, md5=3UmoVtqgycvuJph13wCFdw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
200595
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bfcae556c7653e9-YYZ
expires
Sun, 30 Apr 2023 03:26:03 GMT
geoip
api.permutive.com/v2.0/
249 B
372 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
65e46732d0930db4f321ac805a0838672ce0345e7590a32b66c6ef879fd65147

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
watson
api.permutive.com/v2.0/
375 B
324 B
XHR
General
Full URL
https://api.permutive.com/v2.0/watson?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f0558d4c4942be82fabff261964cbe334fdb8457c683b4047e8f4bc67db8a261

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
setup-model.js
search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/
112 KB
28 KB
Script
General
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/setup-model.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f850b873a6a2db355fec9fbaaa13b585498b128c72f877ef0a75f3f1749b089
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
223099
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Fri, 26 Apr 2024 13:27:44 GMT
x-ftr-balancer
hawk-proxy-185-113-25-36
x-served-by
cache-lon420133-LON, cache-yul12825-YUL
x-ftr-request-id
00000000:3C46_00000000:01BB_644A7850_13CBF5B:5C9E
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682825163.096386,VS0,VE0
etag
W/"644a4d47-1bec2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length
28540
accept-ranges
bytes
x-cache-hits
1, 6716
setup-seasonal.js
search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/
2 KB
1 KB
Script
General
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/setup-seasonal.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
072b55359f2331e73f47f41e96fe5c7d640eaee1a1343d81e9c59477bbaf636f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
223099
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires
Fri, 26 Apr 2024 13:27:44 GMT
x-ftr-balancer
hawkproxyprodblue
x-served-by
cache-lon4246-LON, cache-yul12825-YUL
x-ftr-request-id
00000000:3B9A_00000000:01BB_644A784D_9CB400:6C1F
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682825163.096759,VS0,VE0
etag
W/"644a4d47-8b0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length
977
accept-ranges
bytes
x-cache-hits
1, 7682
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1011119-1&cid=955708892.1682825163&jid=604446450&_u=YGBAgEABBAQCAEAAI~&z=2046296292
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
408 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1011119-1&cid=955708892.1682825163&jid=604446450&_u=YGBAgEABBAQCAEAAI~&z=2046296292
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=825535187&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&ul=en-us&de=UTF-8&dt=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=future_id&ea=set%20hybrid_id&el=&_u=aGBAgEABBAQCAEAAI~&jid=&gjid=&cid=955708892.1682825163&tid=UA-1011119-1&_gid=1614910450.1682825163&cd57=null&cd40=Microsoft&cd41=SolarWinds%7CMicrosoft_Office%7CMicrosoft_365%7CBinary_file%7CComputer_security&cd42=SolarWinds&cd43=Microsoft%7CTrellix%7CFederal_government_of_the_United_States&cd45=Microsoft&cd46=Enterprise_Security&cd47=Microsoft_blocks_customer_access_to_malicious_SolarWinds_binaries&cd50=5&cd51=false&cd58=Enterprise_Security%7CMalware%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd5=itpro-pages-358153&cd7=keumars_afifi-sabet&cd99=0&cd128=16-12-2020&cd1=news&cd2=&cd3=malware%7Csecurity&cd6=%7Centerprise_security%7Caccess-metered%7Cserversidehawk&cd8=16-12-2020&cd27=673941&cd33=text%2Ctext%2Ctext%2Cembed%2Ctext%2Cboxout%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext%2Ctext&cd53=2020-12-16T11%3A59%3A53Z&cd61=pageLoad&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS&cd134=accessmetered%7Cserversidehawk&cd31=10&cd30=4g&cd70=SIGNUP%20-%20Side%20Bar%3A1&cd77=cde15a1a2ad54a38ae8e112a8c855dc6&z=1153786050
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 12:09:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54999
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
0de6ee34-15b3-42b2-b0aa-eb98dfff97e7
https://www.itpro.com/
553 KB
0
Other
General
Full URL
blob:https://www.itpro.com/0de6ee34-15b3-42b2-b0aa-eb98dfff97e7
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6c79b5559654c57bb181aebc74a4687abf0d9f5e64fd75ddaf9b612ee829e7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
565950
Content-Type
script.js
uk-script.dotmetrics.net/Scripts/
33 KB
14 KB
Script
General
Full URL
https://uk-script.dotmetrics.net/Scripts/script.js?v=224
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/door.js?d=www.itpro.com&t=itprous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-91.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
69bc6a7d93e0fb524d0872c1be88834c14147d5ae7da3c71fdeb7574359ea9ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 07:17:58 GMT
server
Kestrel
x-amz-cf-pop
EWR52-C4
etag
"1d97421661c9589"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
fVD76p_nWPB_MDO5Nax0f6Ym5iddg-X81nHQ9dI00DQNS5QZli2Qyw==
2482549652030483
connect.facebook.net/signals/config/
375 KB
107 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2482549652030483?v=2.9.103&r=canary
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d905eb71a8a01bced2ee7bf50cce529b0d011d76348a2094d45c3fb1e4dda975
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 30 Apr 2023 03:26:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
HBvyY8QQcbhd1BAkcb4gBw9wbwfyq+q1e/WpbxOuRUTzxfnxV47ZpRekItsJQwY/Q585/nRvJw91IuOY8nrTlw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1460883810
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
seasonal.php
search-api.fie.futurecdn.net/
58 B
728 B
Fetch
General
Full URL
https://search-api.fie.futurecdn.net/seasonal.php?article_type=news&article_category=retail&language=en-CA&site=ITPRO&device=desktop&origin=widgets-clientside
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8feb88d54326d8b62ded416cc77970ca3939ef3c293e14d45cce83ef1d965783
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
680
x-hawk-area
CA
x-ftr-dc
IX
x-cache
MISS, MISS
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
55
x-ftr-expires
Sun, 30 Apr 2023 03:34:42 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-36
x-served-by
cache-lon4227-LON, cache-yul12824-YUL
x-ftr-request-id
00000000:E672_00000000:01BB_644DDFC7_273B678:5C9E
x-timer
S1682825163.210802,VS0,VE86
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
0, 0
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f71e43717c2deabc5fb17ab78189733634524eb3bd21a3a4e868a9fbc2473863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24756
x-xss-protection
0
server
cafe
etag
456 / 19477 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 03:26:03 GMT
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.96.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-96-55.pmo50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 09:07:00 GMT
Content-Encoding
gzip
Via
1.1 850e473518cf1b0753dde2e6ac8fb01e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PMO50-C1
Age
592119
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
a4sMN8GUv5H81s_Fxp5OPvewsfwG2WeNgwsSuTTpHK8RoahojiBpgw==
[request].97fa6f1a01a3ed09615a.js
bordeaux.futurecdn.net/
303 KB
96 KB
Script
General
Full URL
https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
82061d5aac200e4ae6e6beca7e5361b0971f08d848febb283e8e18e62f3383a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
gzip
bordeaux-version
latest
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 27 Mar 2023 14:21:15 GMT
etag
W/"6421a65b-4bdd4"
x-hw
1682825163.cds240.dc2.hn,1682825163.cds215.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
97586
widget.php
search-api.fie.futurecdn.net/
5 KB
2 KB
Fetch
General
Full URL
https://search-api.fie.futurecdn.net/widget.php?model_name=TechRadar%20Magazines&article_type=news&article_category=retail&language=en-CA&site=ITPRO&filter_product_types=deals%2Csubscriptions&rows=1&device=desktop&origin=widgets-clientside
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
63605ac98d7f39a42377abf9a1f64a4d75e1b61989b9b6820a58ad7b0cb05cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
680
x-hawk-area
CA
x-ftr-dc
IX
x-cache
MISS, MISS
x-ftr-realm
pip
x-ftr-backend
fie-api
x-ftr-cache-status
HIT
content-length
1392
x-ftr-expires
Sun, 30 Apr 2023 03:34:42 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon420116-LON, cache-yul12824-YUL
x-ftr-request-id
00000000:183C_00000000:01BB_644DDFCA_29DF9F9:0543
x-timer
S1682825163.248246,VS0,VE82
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits
0, 0
identify
api.permutive.com/v2.0/
50 B
88 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c564b1bd3750403c1be3715329aac66d95251dac48377652eae00e74bc5280d9

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
apstag.js
c.amazon-adsystem.com/aax2/
227 KB
56 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:00:20 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
1544
x-amz-server-side-encryption
AES256
etag
W/"644915d59292b7496ff86a0d2c460fce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
kYv6N494GgYFNW0vm2OK7AaFvH8BlIdx759WJanINdTFSXtMGD6NFg==
ats.js
ats-wrapper.privacymanager.io/ats-modules/f49514fe-dcca-4424-be6a-9f85d01f1ce1/
346 KB
121 KB
Script
General
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f49514fe-dcca-4424-be6a-9f85d01f1ce1/ats.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.225.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-225-44.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5756f0c3ffdb3158a395092934f42c6b5aadc1045553ca68fe6ad29eac76d53f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
yq22de.DbHXb2TYKtB.OsGDnzs6wgRjd
content-encoding
gzip
via
1.1 066d5eaaff20d6378af3afe6096d7830.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:36:03 GMT
last-modified
Mon, 11 Apr 2022 08:56:57 GMT
server
AmazonS3
x-amz-cf-pop
ORD58-P4
age
3001
x-amz-server-side-encryption
AES256
etag
W/"18771779d5daf599c4df7511f16e41a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
MRSpBoLpPj5BGhT0rQ5ubEVAR9EQeKhdr7fk1fj7Ld5d5at_o7PweQ==
seasonal.js
search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/
2 KB
2 KB
Script
General
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/seasonal.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
299182523432e90745bd30b529ed1bc58a9df3b181eedadc8ceec28516f9605d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
223098
x-hawk-area
CA
x-ftr-dc
IX
x-cache
HIT, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
content-length
993
x-ftr-expires
Fri, 26 Apr 2024 13:27:44 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon420147-LON, cache-yul12832-YUL
x-ftr-request-id
00000000:A1A6_00000000:01BB_644A7850_15113A0:0543
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682825163.336905,VS0,VE0
etag
W/"644a4d47-8ee"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodwhite
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges
bytes
x-cache-hits
1, 7605
audiences
api.permutive.com/audience-matching/v1/id/10c98191-64a7-4b3c-8272-fbb03c4359b0/
12 B
75 B
XHR
General
Full URL
https://api.permutive.com/audience-matching/v1/id/10c98191-64a7-4b3c-8272-fbb03c4359b0/audiences?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
SiteEvent.dotmetrics
uk-script.dotmetrics.net/
399 B
1 KB
Script
General
Full URL
https://uk-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTIzNjgsImZsIjp0cnVlLCJkb20iOiJ3d3cuaXRwcm8uY29tIiwibHNvIjpudWxsLCJ1cmwiOiJodHRwczovL3d3dy5pdHByby5jb20vc2VjdXJpdHkvMzU4MTUzL21pY3Jvc29mdC1ibG9ja3MtY3VzdG9tZXItYWNjZXNzLXRvLW1hbGljaW91cy1zb2xhcndpbmRzLWJpbmFyaWVzIiwicnVybCI6IiIsInB2aWQiOiIyMTgzNGM3ZC0xZjlmLTQzOTAtYjlmMS1jM2Q2MTBhMTNiMDEiLCJ0ek9mZnNldCI6MCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D&r=1682825163603
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/Scripts/script.js?v=224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-91.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
099d35db4f708c1127c50f466617aefaa4e2c04c1bd796a8d45161617673a72b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
go54F1NtoAeanxJkUkPIkyJ-ahlDkTk0SmfRWFUeqjyFex9AHRqSpQ==
segment
api.permutive.com/adv/v2/
30 B
44 B
XHR
General
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:03 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
promotion.js
search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/
4 KB
2 KB
Script
General
Full URL
https://search-api.fie.futurecdn.net/js/w/es6/16.42.29-67455660040496529eb87be2b3a0dd3ef00075b5/promotion.js
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/responsive.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f30512918099b651f305fa9c9c508b9e10ba105f0e89d8ad6af79c19bea1a4e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
x-hawk-country
strict-transport-security
max-age=31557600
via
1.1 varnish, 1.1 varnish
age
223098
x-hawk-area
CA
x-ftr-dc
IX
x-cache
MISS, HIT
x-ftr-realm
pip
x-ftr-backend
fie-assets
x-ftr-cache-status
HIT
content-length
1217
x-ftr-expires
Fri, 26 Apr 2024 13:27:44 GMT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer
hawk-proxy-185-113-25-40
x-served-by
cache-lon4279-LON, cache-yul12832-YUL
x-ftr-request-id
00000000:9DBE_00000000:01BB_644A7853_B0A897:0542
last-modified
Thu, 27 Apr 2023 10:24:07 GMT
x-timer
S1682825164.641918,VS0,VE0
etag
W/"644a4d47-10ac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ftr-backend-server
fievarnishprodred
cache-control
max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges
bytes
x-cache-hits
0, 4940
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/
398 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
19302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Apr 2024 22:04:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
277 B
192 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.itpro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9723eb6a9705346630fe4eac739c8af6eca11ae57393d45c95bce048231427d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
x-xss-protection
0
expires
Sun, 30 Apr 2023 03:26:03 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:51:49 GMT
x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 fd4983be77ace22659323918c5b30f1e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
74055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
0P_22GU8rJbxTKqOhHPgOdJvi6KdmI804mrZEunlqbafTqoCsoO2cg==
config
c.amazon-adsystem.com/cdn/prod/
0
301 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3032&u=https%3A%2F%2Fwww.itpro.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:03 GMT
via
1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.itpro.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
P8qbplot-6oTk1dZT8UIuZT1aCvZF8z0cooQVPVOh4a36bihFegNfQ==
/
geo.privacymanager.io/
30 B
610 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f49514fe-dcca-4424-be6a-9f85d01f1ce1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:17:30 GMT
via
1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront), 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
68913
x-amzn-requestid
e56cd0d6-06e1-448d-9296-725718ea44c8
x-amzn-trace-id
Root=1-644cd29a-35f6fa06697e198b3d57b527;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
EIXYKFDgjoEFs4A=
content-length
30
x-amz-cf-id
70h0ECOZedCAkuD3vAWmSm0wGZuzM1wi3NSZtdUSEQya8YqoJhyY_A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/
30 B
608 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f49514fe-dcca-4424-be6a-9f85d01f1ce1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:17:30 GMT
via
1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront), 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
68913
x-amzn-requestid
e56cd0d6-06e1-448d-9296-725718ea44c8
x-amzn-trace-id
Root=1-644cd29a-35f6fa06697e198b3d57b527;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
EIXYKFDgjoEFs4A=
content-length
30
x-amz-cf-id
BJ3WKEKsrhGrxQ8o6NoTti2g6Agy4FgQQ1CM1-4KcEV9C7Lr2g7oMw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C94788
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C94788&rdf=1
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
date
Sun, 30 Apr 2023 03:26:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
segment
api.permutive.com/clm/v1/
49 B
62 B
XHR
General
Full URL
https://api.permutive.com/clm/v1/segment?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bfdca37fe8dacc889872f1808296a5e3491ab77289d73c07a67361cb9f423ac4

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2482549652030483&ev=PageView&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&rl=&if=false&ts=1682825163829&sw=1600&sh=1200&v=2.9.103&r=canary&ec=0&o=30&ttf=3779&tts=3138.099998474121&ttse=3777&cs_est=true&fbp=fb.1.1682825163828.282071913&it=1682825163192&coo=false&rqm=GET
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 30 Apr 2023 03:26:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2482549652030483&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&rl=&if=false&ts=1682825163833&cd[segment_id]=73403&sw=1600&sh=1200&v=2.9.103&r=canary&ec=1&o=30&ttf=3788.099998474121&tts=3138.099998474121&ttse=3777&fbp=fb.1.1682825163828.282071913&it=1682825163192&coo=false&rqm=GET
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 30 Apr 2023 03:26:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
r.skimresources.com/api/
164 B
384 B
Fetch
General
Full URL
https://r.skimresources.com/api/?persistence=1&xguid=01BT2SNRZKMTD96W8181AS0KKC&data={%22pubcode%22:%2292X363%22,%22domains%22:[%22itpro.com%22,%22microsoft.com%22,%22sec.gov%22,%22zdnet.com%22],%22page%22:%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries%22}&checksum=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Requested by
Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/hl/es6/hawklinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
c2bfc78270177189594fa11b552bb6ccd7000bd3aabd68aac3a2a2a87b0ecc6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
inference.js
ssl.p.jwpcdn.com/player/plugins/inference/v/0.7.1/
18 KB
6 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/plugins/inference/v/0.7.1/inference.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3b17f9af560b005fba3b568590792d952f2bd4a9e5cfe0357b0ecdd545ca16c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 varnish
age
17955404
x-cache
HIT
content-length
5464
x-served-by
cache-yul12830-YUL
last-modified
Mon, 04 Oct 2021 07:39:43 GMT
server
AmazonS3
x-timer
S1682825164.013534,VS0,VE0
etag
"a777fcd9584e62f04dc53d548d8adb31"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
accept-ranges
bytes
x-cache-hits
214388
googima.js
ssl.p.jwpcdn.com/player/v/8.26.9/
72 KB
22 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/googima.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a7a659a1b8a811f331f5b6fd5d0eed07a4ce6d43adbf7be275edeb526553b7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 varnish
age
24941
x-cache
HIT
content-length
21872
x-served-by
cache-yul12830-YUL
last-modified
Mon, 27 Mar 2023 20:13:26 GMT
server
AmazonS3
x-timer
S1682825164.013739,VS0,VE0
etag
"19040322fd3ffc0e16b5d36646e6f667"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
36991
bidding.js
ssl.p.jwpcdn.com/player/v/8.26.9/
355 KB
111 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66732ac5ea743b7c5041ea968062eb32ade9edd4d26dc934388b4f0f222c8a75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 varnish
age
2217
x-cache
HIT
content-length
113784
x-served-by
cache-yul12830-YUL
last-modified
Mon, 27 Mar 2023 20:13:13 GMT
server
AmazonS3
x-timer
S1682825164.013788,VS0,VE0
etag
"0e0ed37fc1127ef6ecd88c4de7f72ef7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
645
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.26.9/
62 KB
19 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 varnish
age
544
x-cache
HIT
content-length
19101
x-served-by
cache-yul12830-YUL
last-modified
Wed, 26 Apr 2023 15:46:14 GMT
server
AmazonS3
x-timer
S1682825164.013711,VS0,VE0
etag
"091cf336ba8e3328147ba88e7a9ff40c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
771
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.26.9/
316 KB
83 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/jwplayer.core.controls.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35334400bec8f4c230e7b91c17c4cc96e17caebb6e144bf43dab0e57c4cf90e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 varnish
age
2789746
x-cache
HIT
content-length
84566
x-served-by
cache-yul12830-YUL
last-modified
Mon, 27 Mar 2023 20:13:21 GMT
server
AmazonS3
x-timer
S1682825164.013965,VS0,VE0
etag
"3c5ff110bccc0950103d3f24d854eac2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
417930
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.26.9/
384 KB
112 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.hlsjs.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c5a33eaec1f774cc6795ae95883441e2b5a34794d5a7ac2780e3fd7e55a0544

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 varnish
age
2789746
x-cache
HIT
content-length
114232
x-served-by
cache-yul12830-YUL
last-modified
Mon, 27 Mar 2023 20:13:23 GMT
server
AmazonS3
x-timer
S1682825164.014013,VS0,VE0
etag
"f8f2c425fdf03e4ff59fcf93935a5461"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
269939
segment
api.permutive.com/clm/v1/
49 B
62 B
XHR
General
Full URL
https://api.permutive.com/clm/v1/segment?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bfdca37fe8dacc889872f1808296a5e3491ab77289d73c07a67361cb9f423ac4

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D89871%2C90272%2C94788
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,90272,94788
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,90272,94788
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,90272,94788
date
Sun, 30 Apr 2023 03:26:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=825535187&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&ul=en-us&de=UTF-8&dt=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Affiliates&ea=Hawk%20appeared&el=%7B%22seasonal%22%3A1%2C%22promotion%22%3A1%7D&_u=6GDAAEABBAQCAGAAI~&jid=123528639&gjid=1324783284&cid=955708892.1682825163&tid=UA-1011119-1&_gid=1614910450.1682825163&_r=1&cd40=Microsoft&cd41=SolarWinds%7CMicrosoft_Office%7CMicrosoft_365%7CBinary_file%7CComputer_security&cd42=SolarWinds&cd43=Microsoft%7CTrellix%7CFederal_government_of_the_United_States&cd45=Microsoft&cd46=Enterprise_Security&cd47=Microsoft_blocks_customer_access_to_malicious_SolarWinds_binaries&cd50=5&cd58=Enterprise_Security%7CMalware%7CSecurity&cd10=EN-US&cd5=itpro-pages-358153&cd7=keumars_afifi-sabet&cd99=0&cd128=16-12-2020&cd1=news&cd3=malware%7Csecurity&cd6=%7Centerprise_security%7Caccess-metered%7Cserversidehawk&cd8=16-12-2020&cd27=673941&cd33=null&cd53=2020-12-16T11%3A59%3A53Z&cd61=pageLoad&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS&cd134=accessmetered%7Cserversidehawk&cd31=10&cd30=4g&cd70=SIGNUP%20-%20Side%20Bar%3A1&cd12=null&cd14=null&cd16=null&cd17=2&cd25=null&cd37=null&cd48=null&cd60=null&cd65=null&cd66=null&cd73=null&cd75=null&cd76=null&cd84=null&cd90=null&cd105=null&cd111=null&cd115=null&cd116=null&cd117=null&cd118=null&cd122=null&cd124=null&cd125=null&cm1=4071&cm3=2315.3999977111816&cm27=9007&z=1748304556
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
tlx.3lift.com/header/
19 B
618 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.18.0&referrer=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&tmax=3000&gdpr=false&us_privacy=1YNN
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.240.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-240-118.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
x-auction-status
12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
331 B
655 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=2&alt_size_ids=55%2C57%2C78&gdpr=0&us_privacy=1YNN&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fleaderboard&tk_flint=pbjs_lite_v7.18.0&x_source.tid=a2af75b0-e257-43e5-bf87-40395989925b&l_pb_bid_id=17474245974c527&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fleaderboard&slots=1&rand=0.09879525698810476
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
162c6eea796e0b8eae9dcfdf4ae06993797bb21db13b7315d60fb95049955abf

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
331
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
322 B
645 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1YNN&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu1&tk_flint=pbjs_lite_v7.18.0&x_source.tid=50bf68b6-1dea-4e86-bf71-61ab87d71e44&l_pb_bid_id=1864ce53276bbd9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu1&slots=1&rand=0.7616907417405074
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
159ce30ad349ae6583f958ab75efbdffec063b1ded2d5de0ff44fa2529306c85

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
322
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
322 B
644 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1YNN&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu2&tk_flint=pbjs_lite_v7.18.0&x_source.tid=b52009ad-5ab7-4d28-8ccf-0656e7c0c6a1&l_pb_bid_id=19bff1a138fb4ca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu2&slots=1&rand=0.5588384068776833
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c4978c1d109c500b026d774c56a4914e26dd62f3a2ccf34e549fcc85afb0bca

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
322
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
322 B
645 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=15&alt_size_ids=10&gdpr=0&us_privacy=1YNN&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu3&tk_flint=pbjs_lite_v7.18.0&x_source.tid=8052bcd2-38ba-41a7-a06d-35c6ae99f397&l_pb_bid_id=20a6c6f8fbf2cea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu3&slots=1&rand=0.5078539624459208
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6c4bcbf57f8959f0ba6d6aa95975ae4b9c7bf0fb003ce72a8656bf308d88cf83

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
322
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
303 B
852 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=221&gdpr=0&us_privacy=1YNN&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fskin&tk_flint=pbjs_lite_v7.18.0&x_source.tid=5b521fb9-1b9a-4e94-832c-d0efae8d4857&l_pb_bid_id=218d8f17297084b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fskin&slots=1&rand=0.6752062597241266
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a501d499f6532efe4ba6dc3098dc617b9dcbe5232627b4144baae3cd54995717

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
303
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
306 B
629 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9788&site_id=463342&zone_id=2723034&size_id=221&gdpr=0&us_privacy=1YNN&rf=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&tg_i.pbadslot=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Foverlay&tk_flint=pbjs_lite_v7.18.0&x_source.tid=2c2ab15d-4c30-4263-8b51-97da55f66de2&l_pb_bid_id=2256dde8fb28255&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Foverlay&slots=1&rand=0.01663245754565268
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a450adc11167fe47aaa001689c40ebfeff30a964ba412dd0520129c35ef0d0f

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.itpro.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
306
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
825 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
AN-X-Request-Uuid
eeffefa9-35b9-4712-a01a-4ae4541b3cdb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.itpro.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
115 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.itpro.com
date
Sun, 30 Apr 2023 03:26:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/
24 B
364 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1d1b125509d8acbf90968f6dd62075db08934bf78ce3445085a234125c4e7fe5

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/
37 B
568 B
XHR
General
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c106846be2b6d531dd353cdfc6af00efdcdce38f0ded4cfeb081e23466121f4e

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsUhJ7lcokKdTVgc9fvyLzvktXPW8pclEXqY05X1l4lS5O%2FeZJk%2F5SBVOIsZ6ojIDRh01yD1nhpodKyNvFRSP3QsJ%2FxjWrF2avKr4dWOQqONqYOc%2BlMaNfUA1OqkufaePX%2FPCMxp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bfcae5cc8183ff8-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hb
hb.undertone.com/
0
795 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2731&domain=itpro.com&gdpr=0&gdprstr=&ccpa=1YNN
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.200.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-200-32.ord56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
via
1.1 8a36bb60a67e5371caee5a5cf75eedf0.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
ORD56-P5
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.itpro.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
x-amz-cf-id
UYELv2s0c88Sjq8mGZeimXXO5pU55XgWUt_ArK8rJEzKe7WKs8m1FQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/
2 KB
2 KB
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3032&u=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&pid=I0r9NHG9Y95Sv&cb=0&ws=1600x1200&v=23.426.459&t=2000&slots=%5B%7B%22sd%22%3A%22bordeaux-standard-ad-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fleaderboard%22%7D%2C%7B%22sd%22%3A%22bordeaux-standard-ad-1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu1%22%7D%2C%7B%22sd%22%3A%22bordeaux-standard-ad-2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu2%22%7D%2C%7B%22sd%22%3A%22bordeaux-standard-ad-3%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F10518929%2Fitpro.co.uk%2Fnews%2Farticle%2Fmpu3%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.127.224 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-127-224.ord56.r.cloudfront.net
Software
Server /
Resource Hash
6019d8ccb76312dc1e1328b7e54802616311bf6d6b438418a2ba60512a5d9e5c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b90806651a118b36ba53c2be6c347c46.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD56-P6
x-amz-rid
DSZHM9C8679TRKNHF5DY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1796
x-amz-cf-id
E0G2vC8TqS7ddHbrQY-cKPzEaoLCUPHMVymHfkAWGImTNZFNOs0nlA==
pub
pixel.adsafeprotected.com/services/
1 KB
1 KB
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=923193&slot=%7Bid:bordeaux-standard-ad-0,ss:%5B970.250,970.90,728.90,980.240%5D,p:/10518929/itpro.co.uk/news/article/leaderboard,t:display%7D&slot=%7Bid:bordeaux-standard-ad-1,ss:%5B300.600,300.250,300.251,300.601%5D,p:/10518929/itpro.co.uk/news/article/mpu1,t:display%7D&slot=%7Bid:bordeaux-standard-ad-2,ss:%5B300.600,300.250,300.252,300.602%5D,p:/10518929/itpro.co.uk/news/article/mpu2,t:display%7D&slot=%7Bid:bordeaux-standard-ad-3,ss:%5B300.600,300.250,300.253,300.603%5D,p:/10518929/itpro.co.uk/news/article/mpu3,t:display%7D&slot=%7Bid:bordeaux-standard-ad-4,ss:%5B1.1%5D,p:/10518929/itpro.co.uk/news/article/skin,t:display%7D&slot=%7Bid:bordeaux-standard-ad-5,ss:%5B1.1%5D,p:/10518929/itpro.co.uk/news/article/overlay,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=759150a7-4078-a153-930c-59470753b210&url=https%253A%252F%252Fwww.itpro.com%252Fsecurity%252F358153%252Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.147.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-147-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
aed1f09c9197c189b1c9b08216a3bca38de439527ad97da28761c744cc9d2fc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
server
nginx
x-server-name
app14.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
partner
pixel.servebom.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2%26svc%3Dus%26id%3D23%2C26%2C29%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fpixel.servebom.com%252Fpartner%253Fcb%253D2%2526svc%253Dus%2526id%253D23%252C26%252C29%2526uid%253D%24UID
  • https://pixel.servebom.com/partner?cb=2&svc=us&id=23,26,29&uid=6812978323417459240
70 B
358 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=2&svc=us&id=23,26,29&uid=6812978323417459240
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d9010195-8f41-4422-a235-22afd2a51b26
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.servebom.com/partner?cb=2&svc=us&id=23,26,29&uid=6812978323417459240
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
pixel.servebom.com/
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=de2d90e5-4d26-4c8c-a342-3edcde51fdb1&ph=25af9286-f23b-4b02-abcd-f2ee3b564dab&r=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8408%26svc%3...
  • https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=de2d90e5-4d26-4c8c-a342-3edcde51fdb1&ph=25af9286-f23b-4b02-abcd-f2ee3b564dab&r=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8408%26...
  • https://pixel.servebom.com/partner?cb=8408&svc=us&id=22&uid=47b9a7ef-0661-0f81-1a7f-791586c16d0e
70 B
194 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=8408&svc=us&id=22&uid=47b9a7ef-0661-0f81-1a7f-791586c16d0e
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png

Redirect headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://pixel.servebom.com/partner?cb=8408&svc=us&id=22&uid=47b9a7ef-0661-0f81-1a7f-791586c16d0e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
uc.js
sync.go.sonobi.com/
2 KB
4 KB
Script
General
Full URL
https://sync.go.sonobi.com/uc.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3188d77b7c82555fdbd3a7c6688ff7ffa788dcbd06ad065c02bed79d5e0bdb16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-66
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
994
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
partner
pixel.servebom.com/
Redirect Chain
  • https://purch-sync.go.sonobi.com/us?https://pixel.servebom.com/partner?cb=8454&svc=us&id=9&uid=[UID]
  • https://pixel.servebom.com/partner?cb=8454&svc=us&id=9&uid=7e341e4a-40d8-4e57-8e7b-e25e2b34d8cd
70 B
194 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=8454&svc=us&id=9&uid=7e341e4a-40d8-4e57-8e7b-e25e2b34d8cd
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://pixel.servebom.com/partner?cb=8454&svc=us&id=9&uid=7e341e4a-40d8-4e57-8e7b-e25e2b34d8cd
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
partner
pixel.servebom.com/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3725%26svc%3Dus%26id%3D24%26uid%3D$UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3725%26svc%3Dus%26id%3D24%26uid%3D%24UID&sovrn_retry=true
  • https://pixel.servebom.com/partner?cb=3725&svc=us&id=24&uid=GkKuZLZHmnzGdTVEQseo8o1p
70 B
188 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=3725&svc=us&id=24&uid=GkKuZLZHmnzGdTVEQseo8o1p
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://pixel.servebom.com/partner?cb=3725&svc=us&id=24&uid=GkKuZLZHmnzGdTVEQseo8o1p
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
partner
pixel.servebom.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D4849%26svc%3Dus%26id%3D14%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D4849%26svc%3Dus%26id%3D14%26uid%3D%24UID
  • https://pixel.servebom.com/partner?cb=4849&svc=us&id=14&uid=848434730014415633723
70 B
184 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=4849&svc=us&id=14&uid=848434730014415633723
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png

Redirect headers

location
https://pixel.servebom.com/partner?cb=4849&svc=us&id=14&uid=848434730014415633723
date
Sun, 30 Apr 2023 03:26:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
partner
pixel.servebom.com/
Redirect Chain
  • https://purch-match.dotomi.com/match/bounce/current?networkId=20077&version=1&rurl=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2534%26svc%3Dus%26id%3D36%26uid%3D$UID&gdpr=0&gdpr_consent=&_ori...
  • https://purch-match.dotomi.com/match/bounce/current?DotomiTest=51f8692e934a068f&is_secure=true&networkId=20077&version=1&rurl=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2534%26svc%3Dus%26id%...
  • https://pixel.servebom.com/partner?cb=2534&svc=us&id=36&uid=AAABwiddtypiUwMF8SYtAAAAAAA&expiration=1682911564&_origin=1&is_secure=true&gdpr_consent=&gdpr=0&redir=true
70 B
190 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=2534&svc=us&id=36&uid=AAABwiddtypiUwMF8SYtAAAAAAA&expiration=1682911564&_origin=1&is_secure=true&gdpr_consent=&gdpr=0&redir=true
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.servebom.com/partner?cb=2534&svc=us&id=36&uid=AAABwiddtypiUwMF8SYtAAAAAAA&expiration=1682911564&_origin=1&is_secure=true&gdpr_consent=&gdpr=0&redir=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
partner
pixel.servebom.com/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj3GAAS&ru=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D10887%26svc%3Dus%26id%3D59%26uid%3D33XUSERID33X
  • https://pixel.servebom.com/partner?cb=10887&svc=us&id=59&uid=212153247736372
70 B
179 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=10887&svc=us&id=59&uid=212153247736372
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:03 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://pixel.servebom.com/partner?cb=10887&svc=us&id=59&uid=212153247736372
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1011119-1&cid=955708892.1682825163&jid=123528639&gjid=1324783284&_gid=1614910450.1682825163&_u=6GDAAEABBAQCAGAAI~&z=138862468
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5A6
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?r=5553&p=46338&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D10076%26svc%3Dus%26id%3D5%26uid%3D
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108325
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:04 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
userSync.js
ads.pubmatic.com/AdServer/js/
7 KB
3 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:39 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=53460
accept-ranges
bytes
content-length
2358
expires
Sun, 30 Apr 2023 18:17:04 GMT
partner
pixel.servebom.com/ Frame 1351
Redirect Chain
  • https://qds0l.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8069%26svc%3Dus%26id%3D32%26uid%3D%5Btvid%5D
  • https://qds0l.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8069%26svc%3Dus%26id%3D32%26uid%3D%5Btvid%5D
  • https://pixel.servebom.com/partner?cb=8069&svc=us&id=32&uid=18b71d7a3de645c1ab6634fc9367b5ad
70 B
281 B
Document
General
Full URL
https://pixel.servebom.com/partner?cb=8069&svc=us&id=32&uid=18b71d7a3de645c1ab6634fc9367b5ad
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Sun, 30 Apr 2023 03:26:04 GMT
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl

Redirect headers

content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://pixel.servebom.com/partner?cb=8069&svc=us&id=32&uid=18b71d7a3de645c1ab6634fc9367b5ad
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame D610
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?r=7282&s=181869&cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
8228e0e475535e7eb82fa27b79bf7e0c7f12eb643447688a30e49882916af6f6

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1768
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:26:04 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 30 Apr 2023 03:26:04 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync_iframe
sync.bfmio.com/ Frame 4E12
390 B
721 B
Document
General
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=4&id=Purch&gdpr=0&gc=&gce=1
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.45.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-45-124.compute-1.amazonaws.com
Software
/
Resource Hash
85627b739737c8538ff74bd5edf5babf24a50f39d7b685e0370732431710e225

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
390
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:26:03 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0FF3
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?r=7434&p=156007&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8851%26svc%3Dus%26id%3D46%26uid%3D
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108325
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:04 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C003
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?r=2177&p=11868&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?r=2177&p=11868&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?r=2177&p=11868&endpoint=us-east
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://eus.rubiconproject.com/usync.html?r=2177&p=11868&endpoint=us-east
server
AkamaiGHost
partner
pixel.servebom.com/ Frame 8B34
Redirect Chain
  • https://pixel.advertising.com/ups/58164/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58164/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
  • https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-sSlmnCBE2uHEiEn7.xt4pOB46XJJaNK.~A
70 B
198 B
Document
General
Full URL
https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-sSlmnCBE2uHEiEn7.xt4pOB46XJJaNK.~A
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Sun, 30 Apr 2023 03:26:04 GMT
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl

Redirect headers

age
0
content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://pixel.servebom.com/partner?&svc=us&id=57&uid=y-sSlmnCBE2uHEiEn7.xt4pOB46XJJaNK.~A
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
partner
pixel.servebom.com/ Frame 84CD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58290/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58290/sync?redir=true&verify=true
  • https://pixel.servebom.com/partner?svc=us&id=61&uid=y-SC0G2qpE2uLqCCMdFulAGw3Lx.v0hEA-~A
70 B
198 B
Document
General
Full URL
https://pixel.servebom.com/partner?svc=us&id=61&uid=y-SC0G2qpE2uLqCCMdFulAGw3Lx.v0hEA-~A
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Sun, 30 Apr 2023 03:26:04 GMT
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl

Redirect headers

age
0
content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://pixel.servebom.com/partner?svc=us&id=61&uid=y-SC0G2qpE2uLqCCMdFulAGw3Lx.v0hEA-~A
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
partner
pixel.servebom.com/ Frame 3A4F
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8505%26svc%3Dus%26id%3D62%26uid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D8505%26svc%3Dus%26id%3D62%26uid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
  • https://pixel.servebom.com/partner?cb=8505&svc=us&id=62&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&cookie_age=0
70 B
194 B
Document
General
Full URL
https://pixel.servebom.com/partner?cb=8505&svc=us&id=62&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&cookie_age=0
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Sun, 30 Apr 2023 03:26:04 GMT
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Apr 2023 03:26:04 GMT
Location
https://pixel.servebom.com/partner?cb=8505&svc=us&id=62&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&cookie_age=0
Server
nginx
partner
pixel.servebom.com/ Frame C0FB
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=dSvJjhJF
  • https://pixel.servebom.com/partner?svc=us&id=64&uid=fd73d814-c352-4115-9b2a-d9152e3c2a5a
70 B
194 B
Document
General
Full URL
https://pixel.servebom.com/partner?svc=us&id=64&uid=fd73d814-c352-4115-9b2a-d9152e3c2a5a
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
content-encoding
UTF-8
content-type
image/png
date
Sun, 30 Apr 2023 03:26:04 GMT
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl

Redirect headers

content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://pixel.servebom.com/partner?svc=us&id=64&uid=fd73d814-c352-4115-9b2a-d9152e3c2a5a
isync
visitor.omnitagjs.com/visitor/ Frame 2FDC
4 KB
2 KB
Document
General
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
8c53cfcd23a2f2bc5a3359880627918590ac0ec1f9925ed249edcf0bbc4531d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1356
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 03:26:04 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10055482/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
18.164.116.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-98.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:15:29 GMT
content-encoding
gzip
via
1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:02:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
636
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
VqdvjcWPWLCExaL-TM9QovLN1Y_LlHnIAMLCAiQZ0nTaiUzMi57zaQ==

Redirect headers

date
Sun, 30 Apr 2023 03:26:04 GMT
via
1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
Lux1ZAdHVoCw71UvtDgZUIfiqtm9mtKy7UTeWJQ782YOwjGTdtyWpw==
ramp
ads.servebom.com/
483 B
507 B
Fetch
General
Full URL
https://ads.servebom.com/ramp?r=921&o={%22f%22:%22%22,%22p%22:null,%22l%22:%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries%22,%22rf%22:%22%22,%22tt%22:%22Microsoft%2020blocks%2020customer%2020access%2020to%2020malicious%2020SolarWinds%2020binaries%2020%207C%2020ITPro%22,%22fs%22:0,%22t%22:%222023-04-30%2003:26:04%22,%22tz%22:0,%22r%22:%221600x1200%22,%22pam%22:%22allowed%22,%22gdprConsent%22:null,%22ccpa%22:%221YNN%22,%22g%22:[],%22a%22:[{%22s%22:%22/10518929/itpro.co.uk/news/article/leaderboard%22,%22z%22:[[970,250],[970,90],[728,90],[980,240]],%22d%22:%22bordeaux-standard-ad-0%22},{%22s%22:%22/10518929/itpro.co.uk/news/article/mpu1%22,%22z%22:[[300,600],[300,250],[300,251],[300,601]],%22d%22:%22bordeaux-standard-ad-1%22},{%22s%22:%22/10518929/itpro.co.uk/news/article/mpu2%22,%22z%22:[[300,600],[300,250],[300,252],[300,602]],%22d%22:%22bordeaux-standard-ad-2%22},{%22s%22:%22/10518929/itpro.co.uk/news/article/mpu3%22,%22z%22:[[300,600],[300,250],[300,253],[300,603]],%22d%22:%22bordeaux-standard-ad-3%22},{%22s%22:%22/10518929/itpro.co.uk/news/article/skin%22,%22z%22:[[1,1]],%22d%22:%22bordeaux-standard-ad-4%22},{%22s%22:%22/10518929/itpro.co.uk/news/article/overlay%22,%22z%22:[[1,1]],%22d%22:%22bordeaux-standard-ad-5%22}],%22ex%22:[],%22tpl%22:%22article%22,%22seg%22:%2273403,83205,89871,90272,94788,104231,105767,108365,110120,113650,145735,bgfz%22,%22fp%22:{%22300x600%22:2.72,%22728x90%22:2.42,%22300x252%22:2.83,%22300x250%22:2.74,%22160x600%22:1.51,%22300x251%22:2.86,%22970x250%22:2.2,%22970x90%22:2.28}}&uuid=cde15a1a2ad54a38ae8e112a8c855dc6
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
1d10dbfb8e87d4edf1929357193e783dba709ee6404dc37cd987fc1b356a1f4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-hw
1682825164.cds004.dc2.hn,1682825164.cds225.dc2.sc,1682825164.cds225.dc2.p
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.itpro.com
content-type
text/plain
access-control-allow-credentials
true
timing-allow-origin
*
content-length
302
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
wRvAOEYoEeyfkEbo2AynAw.json
entitlements.jwplayer.com/
69 B
250 B
XHR
General
Full URL
https://entitlements.jwplayer.com/wRvAOEYoEeyfkEbo2AynAw.json
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D9) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
last-modified
Sun, 30 Apr 2023 03:00:43 GMT
server
ECAcc (nya/79D9)
age
1521
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=16980
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/
360 KB
121 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5b6d68ab32f145ca17f333ff43a2644b69887fbec215cb00a09cfc5ecc806b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
expires
Sun, 30 Apr 2023 03:26:04 GMT
events
api.permutive.com/v2.0/batch/
201 B
160 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d1bb21d5880eedae3704f385acb49675b3d112589491b2d27b48689e0db456bb

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
dcm
s.amazon-adsystem.com/ Frame D610
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0JSR6G3Q00729PK1N7S6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NXNED19T7R8ACGRY2XR2
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D610
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHD4QvkYqNkeugZzXaoG6cY&google_cver=1
43 B
764 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHD4QvkYqNkeugZzXaoG6cY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHD4QvkYqNkeugZzXaoG6cY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D610
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3fzJzbDxeIlhYvWWXiLwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFNvT9DLgO0Wn7VEgBh-hRs&google_cver=1
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFNvT9DLgO0Wn7VEgBh-hRs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFNvT9DLgO0Wn7VEgBh-hRs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D610
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&expiration=1685417164&gdpr=0&gdpr_consent=
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&expiration=1685417164&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&expiration=1685417164&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
113
match.deepintent.com/usersync/ Frame D610
0
222 B
Image
General
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:04 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
user-registering
ads.stickyadstv.com/ Frame D610
43 B
650 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZE3fzJzbDxeIlhYvWWXiLwAA%26031&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1682825164941069-290
rum
dsum-sec.casalemedia.com/ Frame D610
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=r6ThoP32tqe09eeirPH4p6ug4aC087Ggr_TMMWV8
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=r6ThoP32tqe09eeirPH4p6ug4aC087Ggr_TMMWV8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=r6ThoP32tqe09eeirPH4p6ug4aC087Ggr_TMMWV8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum.casalemedia.com/ Frame D610
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2a269804-6403-5d02-6dc4f48f
43 B
631 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2a269804-6403-5d02-6dc4f48f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 03:26:04 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2a269804-6403-5d02-6dc4f48f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
partner
pixel.servebom.com/ Frame D610
70 B
191 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=7556&svc=us&id=2&uid=ZE3fzJzbDxeIlhYvWWXiLwAA%26031
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D7556%26svc%3Dus%26id%3D2%26uid%3D&r=7282&s=181869&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame C922
0
71 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itpro.com
Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itpro.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 03:26:04 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
partner
pixel.servebom.com/ Frame 2FDC
70 B
192 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=3531&svc=us&id=65&uid=e8db20fb272204565a9fd7d550d6fcd2
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825164.cds213.dc2.hn,1682825164.cds213.dc2.sl
content-type
image/png
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6812978323417459240&gdpr=0&gdpr_consent=
49 B
186 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6812978323417459240&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a696d3ae-035a-4024-8f40-df802e68c266
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6812978323417459240&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6812978323417459240&gdpr=0&gdpr_consent=
49 B
178 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6812978323417459240&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
43bd8533-fe80-4829-b359-1099e8f60def
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6812978323417459240&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=emuYl9SHDGCdpB6UVfgP&name=RTB_HOUSE&pi=adyoulike&tc=1
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=emuYl9SHDGCdpB6UVfgP&name=RTB_HOUSE&pi=adyoulike&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=emuYl9SHDGCdpB6UVfgP&name=RTB_HOUSE&pi=adyoulike&tc=1
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT, Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame 2FDC
0
191 B
Image
General
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=e8db20fb272204565a9fd7d550d6fcd2
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.122.105 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-122-105.ord56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
via
1.1 9a578030b9eecb34c8e4677bc01587c4.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6
x-amz-cf-id
s2DbwLbKsbjAPjdyhIC4V871asgM1prRPXh0Z0TZGNqbDcQUpLhDjA==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188715268096521&expires=30&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=c6e62f36-eaa5-4e58-a311-dbcd5140d564&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=c6e62f36-eaa5-4e58-a311-dbcd5140d564&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=c6e62f36-eaa5-4e58-a311-dbcd5140d564&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Sun, 30 Apr 2023 03:26:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=afe08c8f-46f3-496c-a20b-84defbb30b2a&name=THE_TRADE_DESK
49 B
181 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=afe08c8f-46f3-496c-a20b-84defbb30b2a&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=afe08c8f-46f3-496c-a20b-84defbb30b2a&name=THE_TRADE_DESK
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
319
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAG0Mk7Im8AAACX0SAR5zg&name=BEESWAX
49 B
204 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAG0Mk7Im8AAACX0SAR5zg&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAG0Mk7Im8AAACX0SAR5zg&name=BEESWAX
Date
Sun, 30 Apr 2023 03:26:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3...
  • https://stags.bluekai.com/site/23178?id=nf_uAkLPYloRkGj-BOqu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=nf_uAkLPYloRkGj-BOqu
49 B
178 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=nf_uAkLPYloRkGj-BOqu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=nf_uAkLPYloRkGj-BOqu
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
188
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://stags.bluekai.com/site/23178?id=jwXIqVn1CT_oIFbt1GHC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=jwXIqVn1CT_oIFbt1GHC
49 B
180 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=jwXIqVn1CT_oIFbt1GHC
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=jwXIqVn1CT_oIFbt1GHC
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
192
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=aec6ab3f-e775-4c37-9ec7-dc1de326aa62%20&gdpr_consent=null&gdpr=0
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=aec6ab3f-e775-4c37-9ec7-dc1de326aa62%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=aec6ab3f-e775-4c37-9ec7-dc1de326aa62 &gdpr_consent=null&gdpr=0
date
Sun, 30 Apr 2023 03:26:05 GMT
server
_
content-length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0906220407fd6551751cb866&gdpr=0&gdprConsent=
49 B
180 B
Image
General
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0906220407fd6551751cb866&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-length
49
expires
0

Redirect headers

Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0906220407fd6551751cb866&gdpr=0&gdprConsent=
Date
Sun, 30 Apr 2023 03:26:05 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185&name=STACKADAPT
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185&name=STACKADAPT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185&name=STACKADAPT
Date
Sun, 30 Apr 2023 03:26:05 GMT
Connection
keep-alive
Content-Length
191
Content-Type
text/html; charset=utf-8
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D0f4b0fcde45fe67019618f4c5f35f52e%26name%3DADMIXER%...
  • https://visitor.omnitagjs.com/visitor/sync?uid=0f4b0fcde45fe67019618f4c5f35f52e&name=ADMIXER&visitor=79d744cc6fe24036ab2c6a068d85954b
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=0f4b0fcde45fe67019618f4c5f35f52e&name=ADMIXER&visitor=79d744cc6fe24036ab2c6a068d85954b
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-length
49
expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor.omnitagjs.com/visitor/sync?uid=0f4b0fcde45fe67019618f4c5f35f52e&name=ADMIXER&visitor=79d744cc6fe24036ab2c6a068d85954b
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=de161515-caff-5378-8705-b410e3486bdd&name=BETWEENX
49 B
201 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=de161515-caff-5378-8705-b410e3486bdd&name=BETWEENX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=de161515-caff-5378-8705-b410e3486bdd&name=BETWEENX
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GkKuZLZHmnzGdTVEQseo8o1p
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GkKuZLZHmnzGdTVEQseo8o1p
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-length
49
expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GkKuZLZHmnzGdTVEQseo8o1p
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 2FDC
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=0cf40256-eb0e-4e86-b356-9759fe321a22&name=BIDTELLECT
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=0cf40256-eb0e-4e86-b356-9759fe321a22&name=BIDTELLECT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Sun, 30 Apr 2023 03:25:55 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=0cf40256-eb0e-4e86-b356-9759fe321a22&name=BIDTELLECT
cache-control
private,no-cache
content-length
265
expires
-1
1000.gif
id.rlcdn.com/ Frame 2FDC
Redirect Chain
  • https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
  • https://id.rlcdn.com/1000.gif?memo=CKW1KxoNCM2_t6IGEgUI6AcQAEIASgA
42 B
310 B
Image
General
Full URL
https://id.rlcdn.com/1000.gif?memo=CKW1KxoNCM2_t6IGEgUI6AcQAEIASgA
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CKW1KxoNCM2_t6IGEgUI6AcQAEIASgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync.js
eus.rubiconproject.com/ Frame C003
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?r=2177&p=11868&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?r=2177&p=11868&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51845
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1011119-1&cid=955708892.1682825163&jid=123528639&_u=6GDAAEABBAQCAGAAI~&z=1545265205
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
107 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1011119-1&cid=955708892.1682825163&jid=123528639&_u=6GDAAEABBAQCAGAAI~&z=1545265205
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.bfmio.com/ Frame 4E12
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
0
589 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=106&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=4&id=Purch&gdpr=0&gc=&gce=1
Protocol
HTTP/1.1
Server
52.73.45.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-45-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 30 Apr 2023 03:26:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
183
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=sonobi&bidswitch_custom_parameter=c6e62f36-eaa5-4e58-a311-dbcd5140d564
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=cf14ae7ba61889f99aa145bd5bc676a9&expires=30&ssp=sonobi&bsw_param=c6e62f36-eaa5-4e58-a311-dbcd5140d564
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c6e62f36-eaa5-4e58-a311-dbcd5140d564
49 B
864 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c6e62f36-eaa5-4e58-a311-dbcd5140d564
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=c6e62f36-eaa5-4e58-a311-dbcd5140d564
Date
Sun, 30 Apr 2023 03:26:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=afe08c8f-46f3-496c-a20b-84defbb30b2a&pubid=
49 B
951 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=afe08c8f-46f3-496c-a20b-84defbb30b2a&pubid=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=afe08c8f-46f3-496c-a20b-84defbb30b2a&pubid=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
207
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=7e18644d-dfcd-4700-bae2-b858c123093b
49 B
864 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=7e18644d-dfcd-4700-bae2-b858c123093b
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
MT3 830 785530e master iad-pixel-x3 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=7e18644d-dfcd-4700-bae2-b858c123093b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 03:26:03 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=969188715268096511
49 B
846 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=969188715268096511
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=969188715268096511
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=d3f69494-8d38-493c-9c6c-e3b2c8335396&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZlY3dHFCZ3Q4LURIQXNZMUF3UnNvZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEDtd8km3MT_BgozfAkaPIE4&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=MXooVsVduakn
49 B
840 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=MXooVsVduakn
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=MXooVsVduakn
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-7hgps
expires
-1
user-sync
sync.adkernel.com/
0
0
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZDNmNjk0OTQtOGQzOC00OTNjLTljNmMtZTNiMmM4MzM1Mzk2
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGjwHceSVsTYbsiMXTnhI7I&google_cver=1
49 B
858 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGjwHceSVsTYbsiMXTnhI7I&google_cver=1
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGjwHceSVsTYbsiMXTnhI7I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-J5A_7IFE2uEPnEwkS6aquNupozOD.WsGM4nstTQ-~A
49 B
872 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-J5A_7IFE2uEPnEwkS6aquNupozOD.WsGM4nstTQ-~A
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-J5A_7IFE2uEPnEwkS6aquNupozOD.WsGM4nstTQ-~A
date
Sun, 30 Apr 2023 03:26:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=6812978323417459240
49 B
847 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=6812978323417459240
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dbd725ac-195e-4a8d-9728-b1efab45c607
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=6812978323417459240
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=d3f69494-8d38-493c-9c6c-e3b2c8335396
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=d3f69494-8d38-493c-9c6c-e3b2c8335396
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=d3f69494-8d38-493c-9c6c-e3b2c8335396
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-31-66.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v047-0434111d1.edge-va6.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rMBCGAEWQ2I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v047-0e8268f38.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
hmeOviaCR2M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=d3f69494-8d38-493c-9c6c-e3b2c8335396
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
30907
tags.bluekai.com/site/
62 B
459 B
Image
General
Full URL
https://tags.bluekai.com/site/30907?id=d3f69494-8d38-493c-9c6c-e3b2c8335396
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 30 Apr 2023 03:26:05 GMT
content-length
62
content-type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=82773d6b-8a1a-0550-0fd8-c513184f12ad
49 B
864 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=82773d6b-8a1a-0550-0fd8-c513184f12ad
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=82773d6b-8a1a-0550-0fd8-c513184f12ad
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
595 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Sun, 30 Apr 2023 03:26:05 GMT
server
Apache-Coyote/1.1
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=61b79679a11b40e8b79679a11bc0e8cc
49 B
860 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=61b79679a11b40e8b79679a11bc0e8cc
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:26:04 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.itpro.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=61b79679a11b40e8b79679a11bc0e8cc
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
all
ssl-market-east.smrtb.com/sync/
0
0

usersync
match.bnmla.com/
0
0

us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=d3f69494-8d38-493c-9c6c-e3b2c8335396&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=e93f5543-1503-4866-a084-f3fb9034e1e7
49 B
864 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=e93f5543-1503-4866-a084-f3fb9034e1e7
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=e93f5543-1503-4866-a084-f3fb9034e1e7
date
Sun, 30 Apr 2023 03:26:05 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=848434730014415633723
49 B
849 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=848434730014415633723
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=848434730014415633723
date
Sun, 30 Apr 2023 03:26:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.html
s.spotim.market/ Frame CCAC
3 KB
1 KB
Document
General
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:987::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
34d6cb8d3da7f39258f889f9b29a979d8e2eff97e15651688c3c3f4605d000fb

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1202
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3DC5
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108325
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:04 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DD70
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 7291
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 8FE8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 4B48
2 KB
815 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2F19
876 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=ebd167208cfac599416ddea5dbceb5dd&name=FUTURE_PLC&url=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D3531%26svc%3Dus%26id%3D65%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
aa2b2d50da4be949ce86e857f7bc091ac57e1a9f75fc6e4d3e52441ffb6c1622

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
876
content-type
text/html
date
Sun, 30 Apr 2023 03:26:04 GMT
ramp
ads.servebom.com/
469 B
1 KB
Fetch
General
Full URL
https://ads.servebom.com/ramp?r=91&o={%22f%22:1,%22p%22:null,%22l%22:%22https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries%22,%22tt%22:%22Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro%22,%22fs%22:0,%22t%22:%222023-04-30%2003:26:04%22,%22tz%22:0,%22r%22:%221600x1200%22,%22pam%22:%22allowed%22,%22gdprConsent%22:null,%22ccpa%22:%221YNN%22,%22g%22:[],%22a%22:[{%22s%22:%22/10518929/itpro.co.uk/itpro_preroll_carousel%22,%22z%22:[540,304],%22d%22:%22video_content_173%22,%22g%22:{},%22refresh%22:1}],%22ex%22:[]}&uuid=fc3c845a10f442988b10f596a64f5b26&at=v
Requested by
Host: champagne.futurecdn.net
URL: https://champagne.futurecdn.net/champagne.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
08e69a4ed954f11f54fd9e48819534c6056c746c6672c7904f242193f6d58ba7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-hw
1682825164.cds004.dc2.hn,1682825164.cds203.dc2.sc,1682825164.cds203.dc2.p
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.itpro.com
content-type
text/plain
access-control-allow-credentials
true
timing-allow-origin
*
content-length
304
bid
aax.amazon-adsystem.com/e/dtb/
198 B
637 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3032&u=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&pid=I0r9NHG9Y95Sv&cb=1&ws=1600x1200&v=23.426.459&t=5000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.127.224 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-127-224.ord56.r.cloudfront.net
Software
Server /
Resource Hash
56c62a74009688baeeaa927112d3b2ac3a38babb2389b2bd030ce21f36f8106b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b90806651a118b36ba53c2be6c347c46.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD56-P6
x-amz-rid
Z0G6H409B3S7WEY6C85Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
198
x-amz-cf-id
0Cg80yVGZNpgDuBoR3zph0LwohREHH4iag1mFvZzHBFdQuddRRNcLw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682825164875&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682825164875&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=...
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682825164875&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&c8=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro&c9=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
18.164.116.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-98.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:04 GMT
via
1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-amz-cf-id
d97ufcqtCWAPvHZN1unO0-IN5_8qVcvAvGmHpC4E-CDThO6yCx4LSQ==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 30 Apr 2023 03:26:04 GMT
via
1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1682825164875&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&c8=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro&c9=
content-length
0
x-amz-cf-id
1FH49JZVJeSmQAYxB_brKkLp0rVnXZpNYdlcsMKAI9YR3FHxYsUmPg==
iu3
s.amazon-adsystem.com/ Frame 2225
368 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a433aa84dc845542a44df16a65a685191bf3dbb91ffdf251f6a0711c3f45e3c8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
368
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Apr 2023 03:26:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
G9BYR9ZF88JZJJ00VVEF
partner
pixel.servebom.com/ Frame C003
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=11868&r=2177&gdpr_consent=undefined&gdpr=0&khaos=LH2UNJ0D-11-I4FG
  • https://pixel.servebom.com/partner?svc=us&id=19&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
70 B
241 B
Image
General
Full URL
https://pixel.servebom.com/partner?svc=us&id=19&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825165.cds213.dc2.hn,1682825165.cds213.dc2.sl
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://pixel.servebom.com/partner?svc=us&id=19&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
usync.js
eus.rubiconproject.com/ Frame DD70
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51844
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
usync.js
eus.rubiconproject.com/ Frame 8FE8
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51844
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
usync.js
eus.rubiconproject.com/ Frame 7291
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51844
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
pr
s.amazon-adsystem.com/v3/ Frame BAAE
3 KB
4 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f05247e67552f8ac4899608cee355521efd3d31c13acb3054302ae9d2bd51ec0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3329
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Apr 2023 03:26:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YWRKR1HJHE0WF8DQQAD7
integrator.js
adservice.google.ca/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.itpro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.itpro.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
230 KB
22 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1898685988527846&correlator=1223146217910020&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&gdpr=0&us_privacy=1YNN&iu_parts=10518929%2Citpro.co.uk%2Cnews%2Carticle%2Cleaderboard%2Cmpu1%2Cmpu2%2Cmpu3%2Cskin%2Coverlay&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7%2C%2F0%2F1%2F2%2F3%2F8%2C%2F0%2F1%2F2%2F3%2F9&prev_iu_szs=970x250%7C970x90%7C728x90%7C980x240%2C300x600%7C300x250%7C300x251%7C300x601%2C300x600%7C300x250%7C300x252%7C300x602%2C300x600%7C300x250%7C300x253%7C300x603%2C1x1%2C1x1&ifi=1&adks=1772841566%2C1129635487%2C3341135186%2C3164917004%2C3438958302%2C4249420462&sfv=1-0-40&ists=3&prev_scp=_a%3D0%26pos%3D1%26format%3Droadblock%26placement%3Ddfp_rs_desktop_leaderboard_1%26adUnitName%3Dleaderboard%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26_slot%3Dleaderboard%26_slot_type%3Dleaderboard%26auctionId%3D1%26amznbid%3D1808k5c%26amznp%3D1rmxtz4%26id%3Dbce2e6b6-e706-11ed-9707-0ed85bc87673%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%2C80%26amzniid%3DJFxcIgR9FpcVZGazc6XfntEAAAGH0DI4ZwEAAAvYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCQGNw6%26amznsz%3D970x250%7C_a%3D0%26pos%3D1%26format%3Droadblock%26placement%3Ddfp_rs_desktop_mpu_1%26adUnitName%3Dmpu1%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26_slot%3DtopOfSidebar%26_slot_type%3DtopOfSidebar%26auctionId%3D1%26amznbid%3D1yn5kw0%26amznp%3D1rmxtz4%26id%3Dbce2e6b7-e706-11ed-9707-0ed85bc87673%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%26amzniid%3DJB8I6KFv1h7P9l0wE9N5jj0AAAGH0DI4ZwEAAAvYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICD8mWpE%26amznsz%3D300x600%7C_a%3D0%26pos%3D2%26format%3Droadblock%26placement%3Ddfp_rs_desktop_mpu_2%26adUnitName%3Dmpu2%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26_slot%3DbeforePopularBox%26_slot_type
%3DbeforePopularBox%26auctionId%3D1%26amznbid%3Dq8yjnk%26amznp%3D1rmxtz4%26id%3Dbce2e6b8-e706-11ed-9707-0ed85bc87673%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%26amzniid%3DJAXPQ1TVSJ9F6PRC9u28aJ4AAAGH0DI4ZwEAAAvYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICC46PCj%26amznsz%3D300x600%7C_a%3D0%26pos%3D3%26format%3Dadx%26placement%3Ddfp_rs_desktop_mpu_3%26adUnitName%3Dmpu3%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26_slot%3DafterPopularBox%26_slot_type%3DafterPopularBox%26auctionId%3D1%26amznbid%3D1808k5c%26amznp%3D1rmxtz4%26id%3Dbce2e6b9-e706-11ed-9707-0ed85bc87673%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%26amzniid%3DJMNnbOppd0O2mlHQubwVbGYAAAGH0DI4ZwEAAAvYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBPdSvZ%26amznsz%3D300x600%7Coop%3Dskin%26_a%3D0%26format%3Droadblock%26placement%3Ddfp_rs_desktop_skin_oop_1%26adUnitName%3Dskin%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26auctionId%3D1%26id%3Dbce2e6ba-e706-11ed-9707-0ed85bc87673%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70%7Coop%3Doverlay%26_a%3D0%26placement%3Ddfp_rs_desktop_overlay_oop_1%26adUnitName%3Doverlay%26incremental%3Dno%26refresh%3Dno%26api-refresh%3Dno%26additional%3Dno%26auctionId%3D1%26id%3Dbce2e6bb-e706-11ed-9707-0ed85bc87673%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%2C50%2C60%2C70&eri=1&cust_params=permutive%3D73403%252C83205%252C89871%252C90272%252C94788%252C104231%252C105767%252C108365%252C110120%252C113650%252C145735%252Cbgfz%252Crts%26prmtvsdk%3Dweb%26puid%3D10c98191-64a7-4b3c-8272-fbb03c4359b0%26prmtvvid%3D5d4eecae-9370-4682-b540-7872f9f5c884%26prmtvsid%3Dd207fb0d-79f4-4287-a8ae-ad38f887a3e6%26prmtvwid%3D6093eccf-6734-4877-ac8b-83d6d0e27b46%26site%3Ditprocom%26url%3Dhttps%253A%252F%252Fwww.itpro.com%252Fsecurity%252F358153%252Fmicrosoft-blocks-customer-access-to-malicious-sol
arwinds-binaries%26test%3DA%26screen%3Dlarge%26h_id%3Dcde15a1a2ad54a38ae8e112a8c855dc6%26source%3D%26product%3D%26kw%3Daccess-metered%252Cserversidehawk%252CEnterprise%2520Security%26genre%3D%26vertical%3D%26pagetype%3Dnews%26manu%3D%26articleid%3Ditpro-pages-358153%26sitePlatform%3Dvanilla%26fepPrimaryProduct%3DMicrosoft%26fepSecondaryProducts%3DSolarWinds%252CMicrosoft%2520Office%252CMicrosoft%2520365%252CBinary%2520file%252CComputer%2520security%26fepCompanies%3DMicrosoft%252CTrellix%252CFederal%2520government%2520of%2520the%2520United%2520States%26fepCategory%3DEnterprise%2520Security%26fepGroups%3DEnterprise%2520Security%252CMalware%252CSecurity%26fepPrimaryCompany%3DSolarWinds%26primaryCategory%3DEnterprise%2520Security%26secondaryCategories%3DEnterprise%2520Security%252CMalware%252CSecurity%26_plc%3D358%26ex%3D184%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_753_KW%252CIAS_UNSCORED_PG%252CIAS_7426_KW%26vw%3D40%252C50%252C60%252C70%252C80%252C90%26_rid%3D2054968105902032134%26grm%3D40%252C50%252C60%252C70%252C80%26TUUID%3D532C61D007384A4E8C6C9278A19A1E8E%26_chnl%3DWEB%26_ex%3D%257C214%257C293%257C%26_experiment%3D214%252C293%26_sh1080%3D1%26_sw1600%3D1%26id%3Dbcfadb6d-e706-11ed-8da6-02df71359621%26pub%3D40%252C50%252C60%252C70%26_pgid%3Dd940eed1&ppid=cde15a1a2ad54a38ae8e112a8c855dc6&sc=1&cookie_enabled=1&abxe=1&dt=1682825165052&lmt=1682825161&dlt=1682825161735&idt=2246&adxs=315%2C965%2C965%2C965%2C-12245933%2C-12245933&adys=189%2C857%2C1867%2C3143%2C-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&frm=20&vis=1&psz=980x-1%7C300x-1%7C300x-1%7C30
0x-1%7C0x0%7C0x0&msz=970x-1%7C300x-1%7C300x-1%7C300x-1%7C0x0%7C0x0&fws=644%2C644%2C644%2C644%2C132%2C132&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=955708892.1682825163&ga_sid=1682825165&ga_hid=825535187&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a42db2fa590eecaf8afb732a95be403b894696f3688dfce183200436d57e2cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22187
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itpro.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f61aafe85714fdabf335e406d30345f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F66
6 KB
3 KB
Document
General
Full URL
https://f61aafe85714fdabf335e406d30345f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 03:26:05 GMT
expires
Mon, 29 Apr 2024 03:26:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame BAAE
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=c6e62f36-eaa5-4e58-a311-dbcd5140d564
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=c6e62f36-eaa5-4e58-a311-dbcd5140d564
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0VREXQA8DQRF9JX9B8GE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=c6e62f36-eaa5-4e58-a311-dbcd5140d564
Date
Sun, 30 Apr 2023 03:26:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame BAAE
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258267651455343000V10
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258267651455343000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z2AJ7NJ28H57VK63J309
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258267651455343000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 30 Apr 2023 03:26:05 GMT
ecm3
s.amazon-adsystem.com/ Frame BAAE
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=da592a54-067e-4e78-b961-118e1af803c7
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=da592a54-067e-4e78-b961-118e1af803c7
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V25H1QTW4XG4HB5NNY11
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=da592a54-067e-4e78-b961-118e1af803c7
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
VghWffSP-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/VghWffSP-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.vtt
5 KB
1 KB
XHR
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.vtt
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cea86d756a89b9f2f042c1cb0b881e2793dd1121737dc211f752e56cb988c7cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
874
x-served-by
cache-iad-kjyo7100076-IAD, cache-yul12824-YUL
last-modified
Fri, 04 Feb 2022 16:00:38 GMT
server
nginx
x-timer
S1682825166.599432,VS0,VE30
etag
"a25551b23caa982a4cf6b552484a1662"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
30143, 0

Redirect headers

date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
5yGuzy67LICyyxofW7fLGngDGxrFaM7ohEO4gbbHGX7sc3sDNmHsyw==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.26.9/
29 KB
10 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/provider.cast.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
478d7db2012e97743162bb73dab95c045e3533bade97a2c0b0f435c2ebbeebe8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
via
1.1 varnish
age
2789487
x-cache
HIT
content-length
9824
x-served-by
cache-yul12830-YUL
last-modified
Mon, 27 Mar 2023 20:13:23 GMT
server
AmazonS3
x-timer
S1682825165.196366,VS0,VE0
etag
"7a76911bb33f1218b000c0677e96c5ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
100632
related.js
ssl.p.jwpcdn.com/player/v/8.26.9/
102 KB
25 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.26.9/related.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd090578f949988d88531c0c98339766364ed6cdcfd7bca0d49905c44e56a260

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
via
1.1 varnish
age
2789620
x-cache
HIT
content-length
24956
x-served-by
cache-yul12830-YUL
last-modified
Mon, 27 Mar 2023 20:13:25 GMT
server
AmazonS3
x-timer
S1682825165.196458,VS0,VE0
etag
"49db87945be8198af9e0136a6ad75ba3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
370135
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame 3297
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
67776
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 08:36:29 GMT
expires
Sun, 28 Apr 2024 08:36:29 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 03:26:05 GMT
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame A0B7
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-desktop.147dc0f8715e81aca16a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
67776
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 08:36:29 GMT
expires
Sun, 28 Apr 2024 08:36:29 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D4F5
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108324
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:05 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 29C9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=6812978323417459240&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=6812978323417459240&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:26:04 GMT
Etag
3f44a81e8fa739cd
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
b389ac68-2443-41de-93bc-a9918b7871e6
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 03:26:05 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=6812978323417459240&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame 0A9C
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame D59D
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=848434730014415633723
43 B
454 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=848434730014415633723
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:26:04 GMT
Etag
3f44a81e8fa739cd
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 03:26:05 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=848434730014415633723
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.spotim.market/ Frame CCAC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gd...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&partner_url=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D30901...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&partner_url=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3...
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=$0&gdpr_consent=$
43 B
483 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=$0&gdpr_consent=$
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
Adtelligent
Etag
3f44a81e8fa739cd
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Sun, 30 Apr 2023 03:26:06 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=$0&gdpr_consent=$
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csync
sync.spotim.market/ Frame CCAC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1682825165395
  • https://ad.turn.com/r/cs?pid=45&rndcb=4348755342
  • https://sync.1rx.io/usersync/turn/2442317008365535684?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-89b15692-788c-4ca6-b41d-4...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
43 B
476 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
Adtelligent
Etag
3f44a81e8fa739cd
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
Tengine
ETag
RX89b15692788c4ca6b41d4ec7e61cfe67005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
Content-Type
text/html
Connection
keep-alive
csync
sync.spotim.market/ Frame CCAC
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=10840ea6-e251-01b6-1f6c-0c20bb229165
43 B
469 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=10840ea6-e251-01b6-1f6c-0c20bb229165
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
Adtelligent
Etag
3f44a81e8fa739cd
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=10840ea6-e251-01b6-1f6c-0c20bb229165
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
puvhqqcn7tjbnq1i0v6mhcdefv7ejbkf
sync
visitor.omnitagjs.com/visitor/ Frame CCAC
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=3f44a81e8fa739cd&name=OPENWEB
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=3f44a81e8fa739cd&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=3f44a81e8fa739cd&name=OPENWEB
Date
Sun, 30 Apr 2023 03:26:04 GMT
Server
Adtelligent
Etag
3f44a81e8fa739cd
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame C003
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=&expires=30
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame C003
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2UNJ0D-11-I4FG&gdpr=0
0
518 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2UNJ0D-11-I4FG&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 66E1F7B4F4E34C5F94E03FDEDA303C7F Ref B: YMQ01EDGE0619 Ref C: 2023-04-30T03:26:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6hUQ45WxZNM+Ew36vtw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2UNJ0D-11-I4FG&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8ee3bea2ab086361542c3b52b688813
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame C003
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KX22WPHRH1QM1DRR678G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame C003
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2HUCsCyNSayFutYo9R077A&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2HUCsCyNSayFutYo9R077A&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2HUCsCyNSayFutYo9R077A&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RHW50EHQEADTP0QX2AX1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2HUCsCyNSayFutYo9R077A&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C003
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9FlCbKqsFTyd3ulXzk1xrcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NnYbQf1E2oKdlWw29GGDWNQ3iLc00wDtoAPYWQ--~A
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NnYbQf1E2oKdlWw29GGDWNQ3iLc00wDtoAPYWQ--~A
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 30 Apr 2023 03:26:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NnYbQf1E2oKdlWw29GGDWNQ3iLc00wDtoAPYWQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame C003
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQxMzdlYjFlZjcxMjA2MzliMmE0ZTc3MjQ3YTgxZGUzNGM4NzRkMg&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQxMzdlYjFlZjcxMjA2MzliMmE0ZTc3MjQ3YTgxZGUzNGM4NzRkMg&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQxMzdlYjFlZjcxMjA2MzliMmE0ZTc3MjQ3YTgxZGUzNGM4NzRkMg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8879d63542e1f07dd8e6d691f6d521da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C003
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyVU5KMEQtMTEtSTRGRw==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIH4fbE_eJA_9YeeNF7N2Y4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyVU5KMEQtMTEtSTRGRw==&google_push=&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyVU5KMEQtMTEtSTRGRw==&google_push=&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyVU5KMEQtMTEtSTRGRw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C003
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHA6x2OR634eyCr9YEIGL_c&google_cver=1
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHA6x2OR634eyCr9YEIGL_c&google_cver=1
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHA6x2OR634eyCr9YEIGL_c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
u.openx.net/w/1.0/ Frame F31E
693 B
710 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ead15bed156bc5887df33122fdd784b8c749d357693233c87293a14827537a20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
399
content-type
text/html
date
Sun, 30 Apr 2023 03:26:05 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 4FBF
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7591399174809267913&gdpr=0&gdpr_consent=
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7591399174809267913&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:26:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1R4A96AGEQ6CEBRSTJ2K

Redirect headers

content-length
0
date
Sun, 30 Apr 2023 03:26:04 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7591399174809267913&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame B88F
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=2258934b4fca0534&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABwiddtypiZgMCeX4bAAAAAAA&expiration=1682911565&is_secure=true&gdpr=0
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABwiddtypiZgMCeX4bAAAAAAA&expiration=1682911565&is_secure=true&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:26:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CTRRNFYXFHGKQ5GE8Q0S

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sun, 30 Apr 2023 03:26:05 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABwiddtypiZgMCeX4bAAAAAAA&expiration=1682911565&is_secure=true&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame 8055
427 B
939 B
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
25f3bfccb8f74bf191e962cbe3bb3864b14ec35f383c2dabe0a65492d7faab67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Sun, 30 Apr 2023 03:26:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CE57
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108324
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:05 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F642
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 45A9
662 B
1 KB
Document
General
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
eabe045d8da42ba1ca91baa3d824d943bed374591382267b6ef95bff3813b7cf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
662
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6c7cb7447-7hgps
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 7761
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TN3dCZ1BaRTJ1STlqUUFnc1Q4Q3lsTDR3ck9IZjhSUX5B&gdpr=0
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TN3dCZ1BaRTJ1STlqUUFnc1Q4Q3lsTDR3ck9IZjhSUX5B&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:26:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
GQV8FPX3HE3186MGYSYS

Redirect headers

age
0
content-length
0
date
Sun, 30 Apr 2023 03:26:05 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TN3dCZ1BaRTJ1STlqUUFnc1Q4Q3lsTDR3ck9IZjhSUX5B&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cookie_sync
vpb-server.jwplayer.com/
2 KB
2 KB
XHR
General
Full URL
https://vpb-server.jwplayer.com/cookie_sync
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
7a7def00f212ecc81e9f69517c76a1eb2b83651467b5786f2dd6f4e4d97ff2e5

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1986
expires
0
auction
vpb-server.jwplayer.com/openrtb2/
232 B
460 B
XHR
General
Full URL
https://vpb-server.jwplayer.com/openrtb2/auction
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
b8366958d9924de881d26da81525ee24f530974fa9e4096e1483b58c9fc33529

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
232
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
410 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.227.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-227-56.compute-1.amazonaws.com
Software
/
Resource Hash
e7fb7b4e76eab40749a2f533f4c51933f84b9fb836e2e88f548e6de4f77c6545

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
x-prebid
pbs-java/1.117.0
content-type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
pbjs
htlb.casalemedia.com/openrtb/
35 B
335 B
XHR
General
Full URL
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a834d5ba739a54209c14f8e3b1244ee37f8a8f975d7fdaed646359ac9bdf17

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lx4Gfqup9T1C%2BMeGiVOyWAfzhabVK7Y9XKB0x2tq9XSm0gDrGRa%2BQQC5Oa5AXzuHRKzTyhOpd8%2FzrYZxsJBAk%2ByJXiGIfogYeiwiIbgebcoNwv2wUXLiwTDadFs94RDdERpMENdA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7bfcae63a9953ff8-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
expires
0
hbjson
grid.bidswitch.net/
23 B
363 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?no_mapping=1&sp=jwp
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
207d34710a6e16285cc94819b07f33cd95a291331d15714ebf7ee173c067592c

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.itpro.com
date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
1 KB
1019 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUTF28CX
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b6986921a9f133b75b62ceb38304ba9901db94506380df4c343e6aaffce833

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.itpro.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 30 Apr 2023 03:26:05 GMT
jwplayer
jwplayer.technoratimedia.com/openrtb/bids/
22 B
644 B
XHR
General
Full URL
https://jwplayer.technoratimedia.com/openrtb/bids/jwplayer?src=prebid_prebid_7.6.0
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
via
1.1 varnish
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
x-varnish
103063661
access-control-allow-credentials
true
content-length
48
segment
api.permutive.com/clm/v1/
49 B
62 B
XHR
General
Full URL
https://api.permutive.com/clm/v1/segment?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bfdca37fe8dacc889872f1808296a5e3491ab77289d73c07a67361cb9f423ac4

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D733%26segid%3D85395%2C89871%2C90272%2C94788
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85395,89871,90272,94788
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85395,89871,90272,94788
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85395,89871,90272,94788
date
Sun, 30 Apr 2023 03:26:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
jwplayer
jwplayer.technoratimedia.com/openrtb/bids/ Frame
0
0
Preflight
General
Full URL
https://jwplayer.technoratimedia.com/openrtb/bids/jwplayer?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.itpro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.itpro.com
access-control-max-age
86400
date
Sun, 30 Apr 2023 03:26:05 GMT
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 87CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=6812978323417459240&ex=appnexus.com&gdpr=0
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=6812978323417459240&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:26:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NEBNH7W6BTZE67EM25AD

Redirect headers

AN-X-Request-Uuid
53efbd03-92a8-48cd-b603-0f4dbe48b90d
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 03:26:05 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=6812978323417459240&ex=appnexus.com&gdpr=0
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame B8AE
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=848434730014415633723
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=848434730014415633723
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-MediaNet_ox-db5_smrt_cnv_n-sharethrough_pm-db5_rbd_ppt_n-vmg_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:26:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FDG5YVK4A3YH5RJY831D

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 03:26:05 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=848434730014415633723
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
events
api.permutive.com/v2.0/batch/
101 B
131 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
303b174cca4ac96e9cd4d462892a151a8f7681ca6bd295e7f061812e6fbd325c

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
rtset
bh.contextweb.com/bh/ Frame 45A9
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=584b13670eb204f3&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACVIaMNmHvfgMsilC0AAAAAAA&expiration=1682911565&nuid=&is_secure=true
49 B
863 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACVIaMNmHvfgMsilC0AAAAAAA&expiration=1682911565&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-7hgps
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACVIaMNmHvfgMsilC0AAAAAAA&expiration=1682911565&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 45A9
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=MXooVsVduakn&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T447MMHSFEN5K3DHW3FD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8055
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=fd73d814-c352-4115-9b2a-d9152e3c2a5a
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5WBPJKW468AH84QNDYVH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 8055
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
68 B
606 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 8055
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
68 B
606 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 8055
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6812978323417459240
68 B
605 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6812978323417459240
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6eeb2430-b408-424f-87d7-8166a00c303c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6812978323417459240
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 8055
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6812978323417459240
68 B
609 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6812978323417459240
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0566d89c-8b22-4579-8419-35d4545d61fb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6812978323417459240
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F31E
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=718cfd14-4764-89a5-b4ee-4ea2524a9808
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z1GBYMM7C29XBJHMJQNA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bd9de72d-cb62-a016-4537-dac0c52e9ea1
pr-bh.ybp.yahoo.com/sync/openx/ Frame F31E
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/bd9de72d-cb62-a016-4537-dac0c52e9ea1?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:79b9:bad9:3afb:a3d4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame F31E
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=718cfd14-4764-89a5-b4ee-4ea2524a9808
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AW9YDHSV0Z26P3A7W8VB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F31E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=295a8169-5bce-325f-74e0-cc353a7953e8&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=afe08c8f-46f3-496c-a20b-84defbb30b2a&ttd_puid=295a8169-5bce-325f-74e0-cc353a7953e8&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=afe08c8f-46f3-496c-a20b-84defbb30b2a&ttd_puid=295a8169-5bce-325f-74e0-cc353a7953e8&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=afe08c8f-46f3-496c-a20b-84defbb30b2a&ttd_puid=295a8169-5bce-325f-74e0-cc353a7953e8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame F31E
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDUzNTUyYTMtOTJiOS02Y2ZiLTYxMDAtOTY4Y2YwOWI5ZDg4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F31E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECZzGjCr2nsElSN3lLX9ubM&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECZzGjCr2nsElSN3lLX9ubM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECZzGjCr2nsElSN3lLX9ubM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F642
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51844
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 2F19
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=5152527117039382266&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 2F19
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=fd73d814-c352-4115-9b2a-d9152e3c2a5a&gdpr=0
43 B
426 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=fd73d814-c352-4115-9b2a-d9152e3c2a5a&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=fd73d814-c352-4115-9b2a-d9152e3c2a5a&gdpr=0
date
Sun, 30 Apr 2023 03:26:05 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2F19
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=7e18644d-dfcd-4700-bae2-b858c123093b&gdpr=0&gdpr_consent=
43 B
425 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=7e18644d-dfcd-4700-bae2-b858c123093b&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
MT3 830 785530e master iad-pixel-x12 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=7e18644d-dfcd-4700-bae2-b858c123093b&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 03:26:04 GMT
711890.gif
id.rlcdn.com/ Frame 2F19
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
rtb-csync.smartadserver.com/redir/ Frame 2F19
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=MXooVsVduakn&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=MXooVsVduakn&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=MXooVsVduakn&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-7hgps
expires
-1
sync
visitor.omnitagjs.com/visitor/ Frame DD70
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr_consent=undefined&gdpr=0&khaos=LH2UNJ0D-11-I4FG
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LH2UNJ0D-11-I4FG&name=RUBICON&gdpr=0&gdpr_consent=undefined
49 B
178 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LH2UNJ0D-11-I4FG&name=RUBICON&gdpr=0&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LH2UNJ0D-11-I4FG&name=RUBICON&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d0cea2fb47f5ddedaddf61763f0aedb4
Expires
0
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7BPUB_...
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%...
  • https://vpb-server.jwplayer.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&f=i&uid=0264bf1d-7b08-4b6f-8a8e-4ae035b57724
86 B
465 B
Image
General
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&f=i&uid=0264bf1d-7b08-4b6f-8a8e-4ae035b57724
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://vpb-server.jwplayer.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&f=i&uid=0264bf1d-7b08-4b6f-8a8e-4ae035b57724
access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
VghWffSP-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/VghWffSP-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.jpg
164 KB
164 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.jpg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f677d8783bc1f246f04d56df6da822ecc56db557544d3e8d7343e08c0b117c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
174
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
167403
x-served-by
cache-iad-kjyo7100164-IAD, cache-yul12830-YUL
last-modified
Fri, 04 Feb 2022 16:00:38 GMT
server
nginx
x-timer
S1682825166.778008,VS0,VE17
etag
"6bd9192c9fac5d2675697e5eb645bca8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
5, 0

Redirect headers

date
Sun, 30 Apr 2023 03:26:05 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/VghWffSP-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
1pPncguSaEwuqE-N5bj07aeaegC1ATGeDB7IGpU9mOGcSSFh-6Rzwg==
cast_sender.js
www.gstatic.com/cv/js/sender/v1/
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/aWeJUC35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 03:26:05 GMT
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://vpb-server.jwplayer.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&f=i&uid=7e341e4a-40d8-4e57-8e7b-e25e2b34d8cd
86 B
572 B
Image
General
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&f=i&uid=7e341e4a-40d8-4e57-8e7b-e25e2b34d8cd
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://vpb-server.jwplayer.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&f=i&uid=7e341e4a-40d8-4e57-8e7b-e25e2b34d8cd
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F642
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LH2UNJ0D-11-I4FG
  • https://s.amazon-adsystem.com/ecm3?id=LH2UNJ0D-11-I4FG&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LH2UNJ0D-11-I4FG&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TQPDCJ6TD7974TEEFZTA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LH2UNJ0D-11-I4FG&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Sun, 30 Apr 2023 03:26:05 GMT
cast_sender.js
www.gstatic.com/eureka/clank/112/
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/112/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 16:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 30 Apr 2023 16:46:01 GMT
ecm3
s.amazon-adsystem.com/ Frame 4E12
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=137
  • https://s.amazon-adsystem.com/ecm3?id=afe08c8f-46f3-496c-a20b-84defbb30b2a&ex=bf.com
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=afe08c8f-46f3-496c-a20b-84defbb30b2a&ex=bf.com
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KS4WYP7MBQ0B7QGPHK8M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?id=afe08c8f-46f3-496c-a20b-84defbb30b2a&ex=bf.com
Date
Sun, 30 Apr 2023 03:26:04 GMT
Connection
keep-alive
Content-Length
0
partner
pixel.servebom.com/ Frame 4E12
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=132
  • https://pixel.servebom.com/partner?cb=[cachebuster]&svc=us&id=42&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
70 B
254 B
Image
General
Full URL
https://pixel.servebom.com/partner?cb=[cachebuster]&svc=us&id=42&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1682825166.cds213.dc2.hn,1682825166.cds213.dc2.sl
content-type
image/png

Redirect headers

Location
https://pixel.servebom.com/partner?cb=[cachebuster]&svc=us&id=42&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
Date
Sun, 30 Apr 2023 03:26:05 GMT
Connection
keep-alive
Content-Length
0
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://x.videobyte.com/usync?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dvideobyte%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://vpb-server.jwplayer.com/setuid?bidder=videobyte&gdpr=0&gdpr_consent=&f=i&uid=e93f5543-1503-4866-a084-f3fb9034e1e7
86 B
682 B
Image
General
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=videobyte&gdpr=0&gdpr_consent=&f=i&uid=e93f5543-1503-4866-a084-f3fb9034e1e7
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://vpb-server.jwplayer.com/setuid?bidder=videobyte&gdpr=0&gdpr_consent=&f=i&uid=e93f5543-1503-4866-a084-f3fb9034e1e7
date
Sun, 30 Apr 2023 03:26:05 GMT
content-length
172
vary
Origin
content-type
text/html; charset=utf-8
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304132133000/ Frame 4A91
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 02:51:45 GMT
age
88460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61827
x-xss-protection
0
server
sffe
etag
"1754d270d28e2ea6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 02:51:45 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 4A91
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:20 GMT
age
468825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 4A91
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 18:17:12 GMT
age
32933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 18:17:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 4A91
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:20 GMT
age
468825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 4A91
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 18:49:51 GMT
age
30974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 18:49:51 GMT
truncated
/ Frame 4A91
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb8a41afc334505bed23f530c1ddbcd1e94bc06ba028e914e9ee2387397f3126

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304132133000/ Frame 1A97
222 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 02:51:45 GMT
age
88460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61827
x-xss-protection
0
server
sffe
etag
"1754d270d28e2ea6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 02:51:45 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 1A97
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:20 GMT
age
468826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 1A97
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 18:17:12 GMT
age
32934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 18:17:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 1A97
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:20 GMT
age
468826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 1A97
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 18:49:51 GMT
age
30975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 18:49:51 GMT
css
fonts.googleapis.com/ Frame 1A97
9 KB
994 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 01:29:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 03:26:06 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304132133000/ Frame 9F3D
222 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 02:51:45 GMT
age
88460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61827
x-xss-protection
0
server
sffe
etag
"1754d270d28e2ea6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 02:51:45 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 9F3D
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:20 GMT
age
468826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 9F3D
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 18:17:12 GMT
age
32934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 18:17:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 9F3D
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:20 GMT
age
468826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 9F3D
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 18:49:51 GMT
age
30975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 18:49:51 GMT
css
fonts.googleapis.com/ Frame 9F3D
9 KB
994 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 01:31:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 03:26:06 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304132133000/ Frame 25EC
222 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 02:51:45 GMT
age
88460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61827
x-xss-protection
0
server
sffe
etag
"1754d270d28e2ea6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 02:51:45 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 25EC
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:20 GMT
age
468826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 25EC
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 18:17:12 GMT
age
32934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 18:17:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 25EC
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:20 GMT
age
468826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 25EC
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 18:49:51 GMT
age
30975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 18:49:51 GMT
css
fonts.googleapis.com/ Frame 25EC
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 01:31:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 03:26:06 GMT
2529866219854364104
tpc.googlesyndication.com/simgad/ Frame 4A91
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2529866219854364104?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnlWIutmfo1u27UQHUFM3TpEshiRQ
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7620edc3c9dee61b01469b10ed543c1753e2daf7f206e80f5d578cba5f8a4e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:37:41 GMT
x-content-type-options
nosniff
age
46104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5668
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 08:51:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 14:37:41 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A91
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75901
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A91
295 B
371 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75901
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4A91
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CO_Rvzd9NZN-JC8boowbRxrnoB5_yiKhu_-fGiN0Q782V2NoPEAEg5-WiGGD96KKB8AOgAaTdmosDyAEC4AIAqAMByAMIqgS-Ak_QHahXxKZibpessSqtimvWDKBU-JhpCUOpJSxJmwtOU8VUbKTexsuIigJlM0sWcaogZJusVTsJYEQjvU2S8YKl6Ij9Kf41PaKEY_xzyG-n5HUhTnmgwu5qZF4JEEvoThKbd1K7H2LJYeh8Deba8vpQXGeMkYCA_Wv5tssKinKnumz9XMx1r-ISgt3dCpeUICzZCIQzxjel47ONAcANl3eAIipYDGv3mBNHydLRpa5rawrL1Hhs66eU7Rzq07LpswQkws5DzI0FB0H7uJlSd-0bOsNBnawV3cgiqKnGiIJZAhxytV8ZVtg5Z0_m8KwybR29QQpPyvkDwhX0JTRnHXSgm-jxBBe0ZaupnXUe65WRWjDKA3EvA4T7n5mMgf2q5WoxgGe1PGGC2YdwujaXPwBWmkSnWT2CeuVSvyA8GcAE-PvAjqME4AQBkgUECAQYAZIFBAgFGASgBgKAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDP2BHSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMTg5NDU3ODk1MDUzMjUwNBiBxxQ&sigh=hfaFjklm-Ik&uach_m=[UACH]&cid=CAQSTQBygQiDvY_x32wmiH0nduKs7v5sjtygF82Bz_N2nJWeV3vDEk13hnpVN2p7DFbaUg6QX7ti-bRIgDWshztEiyH7GSyr8Sx9MPAyhhCnGAE
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1A97
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75901
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1A97
295 B
353 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
l
www.google.com/ads/measurement/ Frame 1A97
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYu-7jghPLt6fcFnu9BjCD7ZoxYRNUigxFprQOuQhe9X84L2pvcvnC15JKno1S0MdLxTpVp5XyfFLws66TAv5XPXPmUA
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 1A97
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwhBozd9NZOCJC8boowbRxrnoB5z6t5Rwsov4-4oQvf6snaswEAEg5-WiGGD96KKB8AOgAf2Siv0DyAEJ4AIAqAMByAMKqgS1Ak_QPV7XDdevwSJSvi3vDn-LjaKTvxtQNUaKoewnp2g6N6aBB0NdUmjjWqtREuzdxyeJu0pNj4gEOUtJNLUFsqYoz-l3C-dRW_eL8JfyWxVyuNxGMYjpWcTOR4PzYS-iMxp99ccKLOwboGQfVgu9dPW4KzVu_LcAiCMZwKQVcYVpoig60esJoDThfqRr1VfMDaJPzpgnIfwa04UqAxzpderDBBIa4xSkc0gqLZBCA4DA5hdVK6Vp4Y6Wd69xvVhGJ2uCBp5Lc4xzQxweDp2OIQ6Bj6gKOaYnghCrIxIPar7C2A0gsUB8t7hcqM5fOyw9KcN8BY5ukqxEFRvRQ8Cen-s8fVenwmVDM1tiT75vNO5QH3tJoshM5XEL8RKMf3lyrut0_Hs_JFMz4ZSkj_lCqjbfcj0QMMAEg9LRof0D4AQBkgUECAQYAZIFBAgFGASgBi6AB6a2nDKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCM2hXSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwuIFALQFQGAFwGyFx4KHAgAEhRwdWItMTg5NDU3ODk1MDUzMjUwNBiBxxQ&sigh=cOrQLw8Kwyc&uach_m=[UACH]&cid=CAQSTQBygQiDvY_x32wmiH0nduKs7v5sjtygF82Bz_N2nJWeV3vDEk13hnpVN2p7DFbaUg6QX7ti-bRIgDWshztEiyH7GSyr8Sx9MPAyhhCnGAE&template_id=5000
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9F3D
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9F3D
295 B
353 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9F3D
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtuL-zd9NZOGJC8boowbRxrnoB5z6t5Rw4oX4-4oQnf2snaswEAEg5-WiGGD96KKB8AOgAf2Siv0DyAEJ4AIAqAMByAMKqgS1Ak_QVhvvXxl8ot2sCvgGC69_ZptKki8exgHaOvB4IjtHabupNOy5w76bemcLOe1WSJrrzJmz-O0Og0vaRrqpQVBFPOdQQQ6TaTSZS0C7MUxlgKiE_oQ09tVoVaLhaEZfeY1W5tDl_Gl58VmDzl5IzYsbR-XieSlSWdMv2WVvyeJMAdp-KBqxCa_xII5iE1MjuYjRHWQl9l0c6q7HhZ_csUZefrnGHkZFt2fj3hqX2CrRynJF8hCC_S8y8DcjIHZ531synlAhmuP3YqWQ5Fynt1usnDWksQ_3_7sPgkdXdKqjTQyXGZ6akUmJLqAtttAmykthPBEd_fSFjG7H9Yh3WSQy1HqfEaecXOyS0GhOgGv7Fjzf2FJmdf9zORJf5EeVBteTFnUm9diEKE1VZ1x8G2JVCbGuX8AEk9DRof0D4AQBkgUECAQYAZIFBAgFGASgBi6AB6a2nDKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCs9RHSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwuIFAHQFQGAFwGyFx4KHAgAEhRwdWItMTg5NDU3ODk1MDUzMjUwNBiBxxQ&sigh=jT1C-PoGQEg&uach_m=[UACH]&cid=CAQSTQBygQiDvY_x32wmiH0nduKs7v5sjtygF82Bz_N2nJWeV3vDEk13hnpVN2p7DFbaUg6QX7ti-bRIgDWshztEiyH7GSyr8Sx9MPAyhhCnGAE&template_id=5000
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 25EC
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 25EC
295 B
353 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
l
www.google.com/ads/measurement/ Frame 25EC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfxrZbSA8-15x41Ad1clVfPBYpE1cy9sI8jzmtSREs-AWdHZLaVnR-9goqpoPS_GgCqEVPJrqddRSTNJ6qvIQG1KYjdg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 25EC
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAKbNzd9NZOKJC8boowbRxrnoB5z6t5Rwiov4-4oQvf6snaswEAEg5-WiGGD96KKB8AOgAf2Siv0DyAEJ4AIAqAMByAMKqgS1Ak_QdOvHB9yxzqdBA3UUkA6Pit6jhdkn7qQCsF7JX25wzEBlipW2TvB1jhVf8adgJ-wsGB0h3bBtjlEUopl-Ipic_i4N3kJZv435jNHCQ1HlhwxrIGWaqEj2m-LiTGYLn7CmQg26vkbaJVeu0rBXfvc2rKYQ28IZzDdGKOKbf-quRzqHhCXSvG0UPs89NxLvaT0xeORK8ojQgJIj0h21lrx2VdNPCZ8B97NPcpevI6HVK_22nhcbCcnv7zY2PGAsIRaoajQrTPZyIBP2C106YgIlr-09z4baezA4z9SQQr45RcBeO0SEh5GhLMhBOPGILoiy-OHa_c81vAMUjwNc-gtJwU09U77_e4LdHgsJ_mrLPOvwmz0PW2Ofy2RBqgKn2bymxjI8IXmDhknKB-h5ARm_ikAjYcAEg9LRof0D4AQBkgUECAQYAZIFBAgFGASgBi6AB6a2nDKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDV9BHSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwuIFAPQFQGAFwGyFx4KHAgAEhRwdWItMTg5NDU3ODk1MDUzMjUwNBiBxxQ&sigh=7wiX4ESepyA&uach_m=[UACH]&cid=CAQSTQBygQiDvY_x32wmiH0nduKs7v5sjtygF82Bz_N2nJWeV3vDEk13hnpVN2p7DFbaUg6QX7ti-bRIgDWshztEiyH7GSyr8Sx9MPAyhhCnGAE&template_id=5000
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

14763004658117789537
tpc.googlesyndication.com/simgad/1110534468548889484/ Frame 1A97
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1110534468548889484/14763004658117789537?w=400&h=209
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cb49a9ae066bc8b3ea183098d0e96660ca98014bcf0782947f6184e9733f732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:55:12 GMT
x-content-type-options
nosniff
age
55854
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11042
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 05:51:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 11:55:12 GMT
truncated
/ Frame 1A97
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1A97
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1A97
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
850092ba53ac9b5ddd14e94607ff6a510cbbd6a4b7e732c10a18878eb3c0407d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/9275138838237874235/ Frame 9F3D
12 KB
12 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9275138838237874235/14763004658117789537?w=400&h=209
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
880bb130cdb3841fbc351624d5d504a0a9359354a299b2e1d2d630208c264489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:31:04 GMT
x-content-type-options
nosniff
age
46502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12622
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 07:44:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 14:31:04 GMT
truncated
/ Frame 9F3D
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9F3D
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9F3D
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
431c521514509f4ef00a49cfbfb161924a38f6c87185d59dfdeec5d40c1ce068

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/16920645813927785860/ Frame 25EC
12 KB
12 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16920645813927785860/14763004658117789537?w=400&h=209
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87ec72dddebab85709b6102e9b4d255e72d8d6208e171d3488a56fea558b1fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:31:03 GMT
x-content-type-options
nosniff
age
46503
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12653
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 05:07:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 14:31:03 GMT
truncated
/ Frame 25EC
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 25EC
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 25EC
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f75702d3ae35b7e3a1217bef39a33221a05643d2cdd0df96856ef1d63d5cccbd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
state
api.permutive.com/v1.0/
0
33 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:06 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F9C3
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=155494&s=&predirect=https%3A%2F%2Fpixel.servebom.com%2Fpartner%3Fcb%3D2299%26svc%3Dus%26id%3D45%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=1YNN&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108323
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 1A97
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:34:21 GMT
x-content-type-options
nosniff
age
67905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 08:34:21 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 25EC
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:34:21 GMT
x-content-type-options
nosniff
age
67905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 08:34:21 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 9F3D
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.itpro.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:34:21 GMT
x-content-type-options
nosniff
age
67905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 08:34:21 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4A91
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Apr 2023 03:26:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5450176221
  • https://sync.1rx.io/usersync/tradedesk/afe08c8f-46f3-496c-a20b-84defbb30b2a
  • https://sync.targeting.unrulymedia.com/csync/RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%...
  • https://vpb-server.jwplayer.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&f=i&uid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
86 B
796 B
Image
General
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&f=i&uid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:26:06 GMT
Server
Tengine
ETag
RX89b15692788c4ca6b41d4ec7e61cfe67005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://vpb-server.jwplayer.com/setuid?bidder=unruly&gdpr=0&gdpr_consent=&f=i&uid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
Content-Type
text/html
Connection
keep-alive
w6vo1e7u-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/vFJq2NEG/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/w6vo1e7u-120.jpg
6 KB
6 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/w6vo1e7u-120.jpg
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51a08d115648f141f45b015c0513e05d053b7d27b70c09c611dc3ef339e95bae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
243
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6186
x-served-by
cache-iad-kjyo7100031-IAD, cache-yul12830-YUL
last-modified
Fri, 04 Feb 2022 15:59:31 GMT
server
nginx
x-timer
S1682825166.363832,VS0,VE16
etag
"70862dab51f955f968fc36bfbed66e37"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
12229, 1

Redirect headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/w6vo1e7u-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
vnbpqvNjO1sbFsjgqIYPJG893sGIuC3INJPQkbqGjMWMniK1bq-e9w==
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1A97
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1A97
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9F3D
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9F3D
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 25EC
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 25EC
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:21:04 GMT
x-content-type-options
nosniff
server
cafe
age
75902
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 06:21:04 GMT
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=50&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_...
  • https://vpb-server.jwplayer.com/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&f=i&uid=7591399174809267913
86 B
897 B
Image
General
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&f=i&uid=7591399174809267913
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://vpb-server.jwplayer.com/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&f=i&uid=7591399174809267913
date
Sun, 30 Apr 2023 03:26:06 GMT
content-length
0
segment
api.permutive.com/clm/v1/
49 B
62 B
XHR
General
Full URL
https://api.permutive.com/clm/v1/segment?k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bfdca37fe8dacc889872f1808296a5e3491ab77289d73c07a67361cb9f423ac4

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
checksync.php
contextual.media.net/ Frame 60FA
34 KB
11 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6c14f344cefb2ce04797ff6fab068e04af8116dfda7c1fa69aebab24508fe2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11505
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Tue, 02 May 2023 03:26:06 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame DF3A
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
243
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7bfcae6c2f7ba246-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Sun, 30 Apr 2023 07:26:06 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8317
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:06 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame F876
21 KB
7 KB
Document
General
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:2cf1:7be6:911:71d9:25f7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/1D3C) /
Resource Hash
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
14
cache-control
max-age=900
content-encoding
gzip
content-length
6755
content-md5
HcWFhk+tXaF3NZt1fPMIOA==
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 03:26:06 GMT
etag
9f484a91-0039-4789-8873-641b0861cba7
expires
Sun, 30 Apr 2023 03:41:06 GMT
last-modified
Thu, 02 Feb 2023 14:10:57 GMT
opc-request-id
iad-1:oAid0bNrseellDq7ieu2WeesIvtczqHoeFn3Kd4Zwa4lKjTfN0FnzPvsPj3micb9
server
ECAcc (nyb/1D3C)
storage-tier
Standard
vary
Accept-Encoding
version-id
68d8e56e-76a4-4241-8b88-07572b4580e7
x-api-id
native
x-cache
HIT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 13DF
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158831&gdpr=0&gdpr_consent=
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108323
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://stags.bluekai.com/site/92145?id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
cache-control
max-age=0, no-cache, no-store
content-length
0
bk-server
48d5
expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8317
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51843
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
cm
u.openx.net/w/1.0/ Frame 18E2
869 B
546 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.26.9/bidding.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ec71caf37d821593e3ae2d66f083bad79228e7939970840a8e6895b3fd0c66f5

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
527
content-type
text/html
date
Sun, 30 Apr 2023 03:26:06 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
setuid
vpb-server.jwplayer.com/ Frame 18E2
0
899 B
Image
General
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&f=b&uid=10840ea6-e251-01b6-1f6c-0c20bb229165
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 18E2
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=2f24f295-00c9-0fd8-3e01-54e309f592e4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 18E2
0
340 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=079e02e0-83a4-0816-27c7-0d3faddaa781
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 18E2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=7c9cfe0f-9689-043f-2b99-4cc603e23230
  • https://pippio.com/api/sync?pid=5324&it=1&iv=56a0e8c59cc83973493f2346d42b002e5dd6947ce58ac8256811d3350336609e791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1NmEwZThjNTljYzgzOTczNDkzZjIzNDZkNDJiMDAyZTVkZDY5NDdjZTU4YWM4MjU2ODExZDMzNTAzMzY2MDllNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1NmEwZThjNTljYzgzOTczNDkzZjIzNDZkNDJiMDAyZTVkZDY5NDdjZTU4YWM4MjU2ODExZDMzNTAzMzY2MDllNzkxNDI2YjU0MTdkY2UyMRAAGgwIz7-3ogYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=432410ab-a8d0-4767-bd55-ad85a4b39ce9
42 B
299 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=432410ab-a8d0-4767-bd55-ad85a4b39ce9
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=432410ab-a8d0-4767-bd55-ad85a4b39ce9
date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 18E2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6812978323417459240
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6812978323417459240
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 03:26:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9313697d-f4bf-4abc-a9f2-4cf6346c42f4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6812978323417459240
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 18E2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2442317008365535684&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2442317008365535684&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2442317008365535684&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 18E2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZE3fzgAGdc7k6wBS
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE3fzgAGdc7k6wBS&_test=ZE3fzgAGdc7k6wBS
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE3fzgAGdc7k6wBS&_test=ZE3fzgAGdc7k6wBS
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12834-YUL
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682825167.962612,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE3fzgAGdc7k6wBS&_test=ZE3fzgAGdc7k6wBS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
services
sync.technoratimedia.com/ Frame F876
0
0
Fetch
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&source=ipv6&uid=2607%3A5300%3A60%3A7867%3A%3A5&atip=0&tbk=0&nbk=0
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
100640121
access-control-allow-origin
https://ad-cdn.technoratimedia.com
access-control-allow-credentials
true
usync.html
eus.rubiconproject.com/ Frame 9A3A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:06 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 03:26:06 GMT
location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF10
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108323
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 020A
1 KB
710 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0d17dd41efe96f911558858a7fbb1c002f6ba31b19d24fd6ff0d9270b9d70cb2

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
691
content-type
text/html
date
Sun, 30 Apr 2023 03:26:06 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
hde.tynt.com/deb/ Frame A380
Redirect Chain
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
2 KB
2 KB
Document
General
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
b45f66e9f2a017b743894260cd9f328ec59c54f88c7cf1fc91f9b192fa2b3293

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1604
content-type
text/html
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
onetag-sys.com/usync/ Frame 9CAF
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 705E
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
837a26f4380e06026ac45901c15a5536ab4ed6cca1b099c8874801bf65e9d81e

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1210
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 03:26:06 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
services
uat-net.technoratimedia.com/ Frame F876
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
0
783 B
Image
General
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
115806144
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
services
sync.technoratimedia.com/ Frame F876
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=6812978323417459240
0
656 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=6812978323417459240
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
76214171
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Sun, 30 Apr 2023 03:26:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
67e96946-f266-46ce-894c-cbaf7a9a94b5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=6812978323417459240
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame F876
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
0
1 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
128385588
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
619606
content-length
0
services
sync.technoratimedia.com/ Frame F876
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/syn
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHME1rN0ltOEFBQUNYMFNBUjV6Zw&bee_sync_partners=pm%2Cpp%2Csas%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Csyn&bee_sync_current_partner=adx&bee_sync_initiator=syn&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAG0Mk7Im8AAACX0SAR5zg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Csyn&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAG0Mk7Im8AAACX0SAR5zg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%26bee_sync_current_partner%3Dpp%...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAG0Mk7Im8AAACX0SAR5zg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAG0Mk7Im8AAACX0SAR5zg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=7591399174809267913
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAG0Mk7Im8AAACX0SAR5zg
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAG0Mk7Im8AAACX0SAR5zg
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
113350741
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAG0Mk7Im8AAACX0SAR5zg
Date
Sun, 30 Apr 2023 03:26:07 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
services
sync.technoratimedia.com/ Frame F876
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.21%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=6233665232
  • https://sync.1rx.io/usersync3/mediamathtest/2069.21/7e18644d-dfcd-4700-bae2-b858c123093b?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-89b15692-788c-4ca6-...
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
125895367
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Server
Tengine
ETag
RX89b15692788c4ca6b41d4ec7e61cfe67005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-89b15692-788c-4ca6-b41d-4ec7e61cfe67-005
Content-Type
text/html
Connection
keep-alive
services
sync.technoratimedia.com/ Frame F876
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=0264bf1d-7b08-4b6f-8a8e-4ae035b57724
0
783 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=0264bf1d-7b08-4b6f-8a8e-4ae035b57724
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
81228562
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=0264bf1d-7b08-4b6f-8a8e-4ae035b57724
access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:06 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame F876
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-fbiA6LFE2uEB8Ig1CXUzKPnPzMoWPF6d~A
0
915 B
Image
General
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-fbiA6LFE2uEB8Ig1CXUzKPnPzMoWPF6d~A
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
116951377
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-fbiA6LFE2uEB8Ig1CXUzKPnPzMoWPF6d~A
date
Sun, 30 Apr 2023 03:26:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
sync.technoratimedia.com/ Frame F876
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZE3fzJzbDxeIlhYvWWXiLwAA%26031
0
1 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZE3fzJzbDxeIlhYvWWXiLwAA%26031
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
131269292
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZE3fzJzbDxeIlhYvWWXiLwAA%26031
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
services
sync.technoratimedia.com/ Frame F876
Redirect Chain
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=568200899A48499D9AF846BF5A46F6A4&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%...
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=a1772a10-494b-3d37-a75f-04a78e71d2e7
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=a1772a10-494b-3d37-a75f-04a78e71d2e7
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
95992490
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=a1772a10-494b-3d37-a75f-04a78e71d2e7
date
Sun, 30 Apr 2023 03:26:06 GMT
connection
close
content-length
118
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
services
uat-net.technoratimedia.com/ Frame F876
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=synacor&user_id=568200899A48499D9AF846BF5A46F6A4
  • https://t.pswec.com/bsw_sync?ssp=synacor&bsw_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=synacor&bsw_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=01648f19-0a01-45f2-83a3-6116f8ecc73a&expires=3&user_group=1&ssp=synacor
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564
0
2 KB
Image
General
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
125895377
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Location
//uat-net.technoratimedia.com/services?srv=cs&pid=48&uid=c6e62f36-eaa5-4e58-a311-dbcd5140d564
Date
Sun, 30 Apr 2023 03:26:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
services
uat-net.technoratimedia.com/ Frame F876
Redirect Chain
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=568200899A48499D9AF846BF5A46F6A4
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=318a517d9f5b0534&is_secure=true&networkId=63258&version=1&nuid=568200899A48499D9AF846BF5A46F6A4
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAB8cKYUpP8kAMJiTWIAAAAAAA&expiration=1682911566&nuid=568200899A48499D9AF846BF5A46F6A4&is_secure=true
0
1 KB
Image
General
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAB8cKYUpP8kAMJiTWIAAAAAAA&expiration=1682911566&nuid=568200899A48499D9AF846BF5A46F6A4&is_secure=true
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
116231074
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=49&uid=AAAB8cKYUpP8kAMJiTWIAAAAAAA&expiration=1682911566&nuid=568200899A48499D9AF846BF5A46F6A4&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
services
sync.technoratimedia.com/ Frame F876
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=568200899A48499D9AF846BF5A46F6A4&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3258267651455343000V10
0
1 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3258267651455343000V10
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
81228566
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3258267651455343000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:06 GMT
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame F876
0
231 B
Image
General
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=568200899A48499D9AF846BF5A46F6A4
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22033
pubcid.php
hbx.media.net/ Frame 60FA
57 KB
18 KB
Script
General
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Sun, 30 Apr 2023 03:26:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:56:06 GMT
sync
gum.criteo.com/ Frame 60FA
61 B
300 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
825522
expires
60
cksync.html
contextual.media.net/ Frame 62B7
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Drkt%26refUrl%3D%26vid%3D282516687232582676514553430...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=rkt&refUrl=&vid=28251668723258267651455343000V10&ovsid=969188715268096521
235 B
668 B
Document
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=rkt&refUrl=&vid=28251668723258267651455343000V10&ovsid=969188715268096521
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Sun, 30 Apr 2023 03:26:06 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sun, 30 Apr 2023 03:26:06 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=rkt&refUrl=&vid=28251668723258267651455343000V10&ovsid=969188715268096521
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DADB
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Dpba%26refUrl%3D%26vid%3D28251668723258267651455343000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108323
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:06 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 60FA
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=706f11e83c3304f3&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=con&refUrl=&vid=28251668723258267651455343000V10&ovsid=AAABwiddtypijwMvVYkNAAAAAAA&expiration=1682911566&is_secure=true
61 B
477 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=con&refUrl=&vid=28251668723258267651455343000V10&ovsid=AAABwiddtypijwMvVYkNAAAAAAA&expiration=1682911566&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=con&refUrl=&vid=28251668723258267651455343000V10&ovsid=AAABwiddtypijwMvVYkNAAAAAAA&expiration=1682911566&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 60FA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3258267651455343...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=opx&refUrl=&vid=28251668723258267651455343000V10&ovsid=e176e8f6-f0ce-08bf-17af-b25b8896c134
235 B
235 B
Image
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=opx&refUrl=&vid=28251668723258267651455343000V10&ovsid=e176e8f6-f0ce-08bf-17af-b25b8896c134
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:07 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:07 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:26:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3258267651455343000V10&type=opx&refUrl=&vid=28251668723258267651455343000V10&ovsid=e176e8f6-f0ce-08bf-17af-b25b8896c134
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 60FA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Dmma%26refUrl%3D%26vid%3D282516687232582676514553...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=mma&refUrl=&vid=28251668723258267651455343000V10&ovsid=7e18644d-dfcd-4700-bae2-b858c123093b
61 B
481 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=mma&refUrl=&vid=28251668723258267651455343000V10&ovsid=7e18644d-dfcd-4700-bae2-b858c123093b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:07 GMT

Redirect headers

Date
Sun, 30 Apr 2023 03:26:06 GMT
Server
MT3 830 785530e master iad-pixel-x10 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=mma&refUrl=&vid=28251668723258267651455343000V10&ovsid=7e18644d-dfcd-4700-bae2-b858c123093b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 03:26:05 GMT
cksync
cs.media.net/ Frame 60FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI1ODI2NzY1MTQ1NTM0MzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEA0LjGCAQSTO9U3gfzlb44Y&google_cver=1
61 B
462 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEA0LjGCAQSTO9U3gfzlb44Y&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEA0LjGCAQSTO9U3gfzlb44Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 60FA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Ddxu%26refUrl%3D%26vid%3D28251668723258267651455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258267651455343000V10%26type%3Ddxu%26refUrl%3D%26vid%3D28251668723258267...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=dxu&refUrl=&vid=28251668723258267651455343000V10&ovsid=eq8fD1Yn1PSXHp5
61 B
468 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=dxu&refUrl=&vid=28251668723258267651455343000V10&ovsid=eq8fD1Yn1PSXHp5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:07 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:06 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0e80c80edc5e53ad9@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3258267651455343000V10&type=dxu&refUrl=&vid=28251668723258267651455343000V10&ovsid=eq8fD1Yn1PSXHp5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 60FA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=d326bf4a-524d-4a12-a331-37b53b8a3f0b
61 B
632 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=d326bf4a-524d-4a12-a331-37b53b8a3f0b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=d326bf4a-524d-4a12-a331-37b53b8a3f0b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1440291
content-length
0
expires
Sun, 30 Apr 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 60FA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedi...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=79d744cc6fe24036ab2c6a068d85954b&ssp=medianet&bsw_param=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=0&consent=&gdpr_pd=1&expires=7
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=0&gdpr_consent=&gdpr_pd=1
61 B
481 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:07 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=0&gdpr_consent=&gdpr_pd=1
Date
Sun, 30 Apr 2023 03:26:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 60FA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3258267651455343000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3258267651455343000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=4b8d9b64-53d4-4f79-93fa-38d551287687&cs=1
61 B
482 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=4b8d9b64-53d4-4f79-93fa-38d551287687&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:26:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 03:26:07 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=4b8d9b64-53d4-4f79-93fa-38d551287687&cs=1
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
710489.gif
id.rlcdn.com/ Frame 60FA
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 60FA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=afe08c8f-46f3-496c-a20b-84defbb30b2a
61 B
637 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=afe08c8f-46f3-496c-a20b-84defbb30b2a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.34.248.177 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-248-177.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:06 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Sun, 30 Apr 2023 03:26:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=afe08c8f-46f3-496c-a20b-84defbb30b2a
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
services
sync.technoratimedia.com/ Frame 020A
0
660 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=1436ced7-3c99-0a6c-1e20-d2550e996d0e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
81426718
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true
sync
x.bidswitch.net/ Frame 020A
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=29ec5ded-6c14-082e-3666-3033b0ef9207
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=29ec5ded-6c14-082e-3666-3033b0ef9207&_li_chk=true&previous_uuid=bf75888df8174356972b53799b2d7307
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=29ec5ded-6c14-082e-3666-3033b0ef9207&previous_uuid=64a97a7052b549818e7401fdee841239
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2442317008365535684
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=bf75888d-f817-4356-972b-53799b2d7307&liid=&_ct=im
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=d4ef2024b634dbba07145fc3eebd21ce
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date
Sun, 30 Apr 2023 03:26:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
g.pixel
aa.agkn.com/adscores/ Frame 020A
43 B
654 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=35d86117-1402-09ce-1ea2-40bfbabfc1ce
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.225.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-225-119.ord58.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 51b64f398ca40514b951829e44e92c36.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
ORD58-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
CwZ1mF3YC7nFU25j8FzwZzTk0HDteJawr4Me92bsbYbBPMq9kpgqew==
expires
0
37274
stags.bluekai.com/site/ Frame 020A
62 B
389 B
Image
General
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=0e4ed9cf-6eb9-0fde-0e17-5311a129335b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
7f91
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame 020A
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 020A
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=85f714e3-4356-1769-83c9-87c61fb4132a
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=1hu1n1xg9wsxh
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=1hu1n1xg9wsxh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=1hu1n1xg9wsxh
cache-control
no-cache
cf-ray
7bfcae6dfa4b4bd0-YUL
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 020A
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=36d4b58c-09b4-0e11-0275-5774de4b5dd9&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0c48c9d650989fddea666d4e6c644aaf
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0c48c9d650989fddea666d4e6c644aaf
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:26:07 GMT
server
Aorta/20230424.0cea469ad
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0c48c9d650989fddea666d4e6c644aaf
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
f4138e446345
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 020A
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=9gwLVfJIi3GSlICC6WBpUg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6n0hbjhmjm12mslepa2q7bm986kj3tqp

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 020A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=7e18644d-dfcd-4700-bae2-b858c123093b
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=7e18644d-dfcd-4700-bae2-b858c123093b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Server
MT3 830 785530e master iad-pixel-x17 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=7e18644d-dfcd-4700-bae2-b858c123093b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 03:26:06 GMT
sd
us-u.openx.net/w/1.0/ Frame 020A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=6d11556c-0c75-4a73-9045-961f2df936d6
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=6d11556c-0c75-4a73-9045-961f2df936d6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=6d11556c-0c75-4a73-9045-961f2df936d6
Date
Sun, 30 Apr 2023 03:26:07 GMT
Connection
keep-alive
X-CI-RTID
3a033a6a-22b6-4a30-8336-654570419c87
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 020A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=0&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame 705E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=afe08c8f-46f3-496c-a20b-84defbb30b2a&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=afe08c8f-46f3-496c-a20b-84defbb30b2a&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=afe08c8f-46f3-496c-a20b-84defbb30b2a&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 705E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODQ4NDM0NzMwMDE0NDE1NjMzNzIz
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 705E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKAfS0UdSF68aSgLGzoKvps&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKAfS0UdSF68aSgLGzoKvps&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKAfS0UdSF68aSgLGzoKvps&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 705E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODQ4NDM0NzMwMDE0NDE1NjMzNzIz
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODQ4NDM0NzMwMDE0NDE1NjMzNzIz
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODQ4NDM0NzMwMDE0NDE1NjMzNzIz
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 705E
0
144 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=848434730014415633723&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3072834479BA4E7CA499FF3CFBB8F91E Ref B: YMQ01EDGE0619 Ref C: 2023-04-30T03:26:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6hURL8CHZ4d0xmneXzQ==
xuid
eb2.3lift.com/ Frame 705E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=848434730014415633723&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d94e3e36-aa6a-4da3-952a-b658ff02d03e&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=c6e62f36-eaa5-4e58-a311-dbcd5140d564&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 30 Apr 2023 03:26:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 705E
42 B
668 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=848434730014415633723&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
last-modified
Mon, 24 Apr 2023 16:43:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 08330EC3300943A6BEEEC07466918DAA Ref B: YMQ01EDGE0606 Ref C: 2023-04-30T03:26:06Z
etag
"97b0d0f2cb76d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 705E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/848434730014415633723?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-nmrGilFE2oQJWyqG92LzZhur63lF0Lfo0Pe8bMViRw--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-nmrGilFE2oQJWyqG92LzZhur63lF0Lfo0Pe8bMViRw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 30 Apr 2023 03:26:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-nmrGilFE2oQJWyqG92LzZhur63lF0Lfo0Pe8bMViRw--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 705E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=jwXIqVn1CT_oIFbt1GHC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NJ3VQSLRKZXDC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=jwXIqVn1CT_oIFbt1GHC
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=jwXIqVn1CT_oIFbt1GHC
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:07 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=jwXIqVn1CT_oIFbt1GHC
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 705E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6812978323417459240&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6812978323417459240&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 30 Apr 2023 03:26:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
27e2dd36-548e-4e8c-b057-47500fde4d82
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6812978323417459240&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 705E
0
1 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=88&uid=848434730014415633723
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redird=SN85RLf7qQar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
90359000
access-control-allow-origin
https://eb2.3lift.com/
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame 9A3A
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51842
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
log
c21lg-d.media.net/ Frame 60FA
35 B
296 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=52ae78f8-1afd-425c-91b7-0f4a86335931&cs=15&vsid=3258267651455343000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUTF28CX&prvid=2034%2C2033%2C2030%2C173%2C175%2C2009%2C157%2C2028%2C3018%2C159%2C2026%2C236%2C2025%2C2069%2C117%2C459%2C97%2C99%2C77%2C56%2C59%2C2022%2C3012%2C2043%2C262%2C461%2C201%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:07 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 30 Apr 2023 03:26:07 GMT
usync.html
eus.rubiconproject.com/ Frame 889A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:07 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 03:26:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
services
sync.technoratimedia.com/ Frame A380
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1682825167009.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D...
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212153247736372
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212153247736372
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
96451122
access-control-allow-origin
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212153247736372
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A380
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=e4c9a5fb-e91c-4423-95aa-1eafdf37541b&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=c6e62f36-eaa5-4e58-a311-dbcd5140d564
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=c6e62f36-eaa5-4e58-a311-dbcd5140d564&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A380
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682825167009.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=7e18644d-dfcd-4700-bae2-b858c123093b
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=7e18644d-dfcd-4700-bae2-b858c123093b
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Server
MT3 830 785530e master iad-pixel-x22 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=7e18644d-dfcd-4700-bae2-b858c123093b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 03:26:06 GMT
match
events-ssc.33across.com/ Frame A380
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-euVfw.1E2uEpJUQBo0PH1RBjKjliGv9q~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-euVfw.1E2uEpJUQBo0PH1RBjKjliGv9q%7EA&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-euVfw.1E2uEpJUQBo0PH1RBjKjliGv9q%7EA&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-euVfw.1E2uEpJUQBo0PH1RBjKjliGv9q%7EA&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A380
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4dafdbcae9d0068f&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAB2T8U3piDKgNch-4oAAAAAAA&expiration=1682911567&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB2T8U3piDKgNch-4oAAAAAAA&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB2T8U3piDKgNch-4oAAAAAAA&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB2T8U3piDKgNch-4oAAAAAAA&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A380
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=848434730014415633723
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=848434730014415633723&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=848434730014415633723&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:06 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=848434730014415633723&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 889A
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51842
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
services
uat-net.technoratimedia.com/ Frame 9A3A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&gdpr_consent=undefined&gdpr=0&khaos=LH2UNJ0D-11-I4FG
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
0
2 KB
Image
General
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
100281721
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
setuid
vpb-server.jwplayer.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvpb-server.jwplayer.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://vpb-server.jwplayer.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&f=i&uid=GkKuZLZHmnzGdTVEQseo8o1p
86 B
1 KB
Image
General
Full URL
https://vpb-server.jwplayer.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&f=i&uid=GkKuZLZHmnzGdTVEQseo8o1p
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
52.204.13.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-13-233.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://vpb-server.jwplayer.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&f=i&uid=GkKuZLZHmnzGdTVEQseo8o1p
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
match
events-ssc.33across.com/ Frame 889A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=LH2UNJ0D-11-I4FG
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH2UNJ0D-11-I4FG&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH2UNJ0D-11-I4FG&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.6.0
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH2UNJ0D-11-I4FG&ts=1682825167&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A91
42 B
404 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9IRPXfj7ET_OBr3CJnehkzFmTO0csE7shrSKCJA-yD4ByhzW6ackXu8jhxqQ9oql6clMfvDVGP1dAlVenkgkvMuyenrA9QHhHhAxa4AlyTiBFbnM2gfNJHQ1U4rgJjNGX46s&sai=AMfl-YTGX4QOEbS8i92bA5wBfv_rWSitEthsWAvIGJAuUmlKmiraLcgPMHywoAw1aZ8AZGN5i2H-qdSZDF88MDY-uVnKnre96ACWnzRhr2QfBd-0xzvZofgXIDQxdt8Lo2W9Ul1hEHUs_sEEjz8LFJs&sig=Cg0ArKJSzBsekX_R9CGsEAE&cid=CAQSTQBygQiDvY_x32wmiH0nduKs7v5sjtygF82Bz_N2nJWeV3vDEk13hnpVN2p7DFbaUg6QX7ti-bRIgDWshztEiyH7GSyr8Sx9MPAyhhCnGAE&id=ampim&o=315,109&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=476&tls=1477&g=100&h=100&tt=1477&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A97
42 B
108 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKSP6VPkaDtFFB1xsoxgu30PazVOQvVq8pgU4u0Sp2iVVmaU6hHO0x6HaQsiW1a_XpTMd7KoJ5-9tWpJI-4v5iM3aXfkyGlO_yWsuGqmGuNZqmajyBEsldtRbq1eSAc3QhRxc&sai=AMfl-YTcdeAyFFK7WQl0QDyOA2oRI5siVho4G_L8X6dL6q6pSAyvSyCLYWWAkCUEZ-Ps6m83pGNbyWAQ7YuGXIff1xh46osmViidsfiyYJXMYJm5hEpMaBWKKYygSKSKqjkL9GMb3ygRX8lgg2GKaAg&sig=Cg0ArKJSzI9dvW1GzIcMEAE&cid=CAQSTQBygQiDvY_x32wmiH0nduKs7v5sjtygF82Bz_N2nJWeV3vDEk13hnpVN2p7DFbaUg6QX7ti-bRIgDWshztEiyH7GSyr8Sx9MPAyhhCnGAE&id=ampim&o=965,857&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=512&tls=1513&g=57.16666579246521&h=57.16666579246521&tt=1513&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/
201 B
159 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=253158cc-875d-4ed4-a52d-e954eca49313
Requested by
Host: 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
194f3293c5a64feebf85f551c3c8ebf988bcdd53719eaedab0aceb14cc8099a4

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.itpro.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2B9C
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.184 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-184.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:26:07 GMT
ETag
"623de86a-cf34"
Expires
Mon, 01 May 2023 03:26:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F175
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
244
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7bfcae722a22a246-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 03:26:07 GMT
expires
Sun, 30 Apr 2023 07:26:07 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 7D6B
10 KB
3 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2507:1000:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
56171
content-encoding
gzip
content-type
text/html
date
Sat, 29 Apr 2023 11:49:57 GMT
etag
W/"55a2c695384db1f8872ab66920fae4ff"
last-modified
Mon, 13 Mar 2023 13:12:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 a044221a7cde0fa9b5dc69d5ceb4439a.cloudfront.net (CloudFront)
x-amz-cf-id
LOZZuit15diRml7MCnWUV40X1igNthUf9E1urEzn25sZiQgjKn7fgw==
x-amz-cf-pop
ORD58-P7
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
taQSmiFtApGCXHWEGOWOQBdJzs8wq2BO
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame 411C
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1YNN
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:07 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E27C
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162345&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.100.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108322
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:26:07 GMT
expires
Mon, 01 May 2023 09:31:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 90CE
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNN&
Requested by
Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/[request].97fa6f1a01a3ed09615a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
25aff18b950910fe069aa94c941a0c1220301891b39bd52e997deb1c84a1408c

Request headers

Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1068
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 03:26:07 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&us_privacy=1YNN
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=0&gdpr_consent=&us_privacy=1YNN
  • https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAG0Mk7Im8AAACX0SAR5zg&ssp=themediagrid&gdpr=0&us_privacy=1YNN
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAG0Mk7Im8AAACX0SAR5zg&ssp=themediagrid&gdpr=0&us_privacy=1YNN
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAG0Mk7Im8AAACX0SAR5zg&ssp=themediagrid&gdpr=0&us_privacy=1YNN
Date
Sun, 30 Apr 2023 03:26:07 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame 90CE
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=848434730014415633723
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:07 GMT
AN-X-Request-Uuid
44489914-f1f0-43a0-b7b6-a6c0a146ee7a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 90CE
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=848434730014415633723
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:07 GMT
AN-X-Request-Uuid
2c7739e8-6a01-43dc-b05c-6c452353f5d3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 90CE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=6d11556c-0c75-4a73-9045-961f2df936d6&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=6d11556c-0c75-4a73-9045-961f2df936d6&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=6d11556c-0c75-4a73-9045-961f2df936d6&dongle=d54f&gdpr=0&gdpr_consent=
Date
Sun, 30 Apr 2023 03:26:07 GMT
Connection
keep-alive
X-CI-RTID
f82f035a-1adb-4677-bf19-ed9401a5ba88
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 90CE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame 90CE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185&dongle=4430
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185&dongle=4430
Date
Sun, 30 Apr 2023 03:26:07 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame 90CE
43 B
168 B
Image
General
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.221.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-221-84.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 90CE
43 B
168 B
Image
General
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.221.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-221-84.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 90CE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2442317008365535684&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2442317008365535684&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2442317008365535684&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 90CE
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=848434730014415633723
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame 90CE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAG0Mk7Im8AAACX0SAR5zg&dongle=bzwx&gdpr=0
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAG0Mk7Im8AAACX0SAR5zg&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNN&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAG0Mk7Im8AAACX0SAR5zg&dongle=bzwx&gdpr=0
Date
Sun, 30 Apr 2023 03:26:07 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 411C
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1YNN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:07 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51842
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
async_usersync
ib.adnxs.com/ Frame 2B9C
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:07 GMT
AN-X-Request-Uuid
e3682b59-bb94-497a-abbd-59f4553eb7f2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5857
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
cc965dabe0d60fcd51acdbb6f45ed2ed49f5bf0eefb362d1c806a845fd8a45ed

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1665
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:26:08 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 51CE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:26:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 03:26:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 7D6B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=6237e64e-5b61-0e3c-1e65-d3f2cdd573ba
0
347 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=6237e64e-5b61-0e3c-1e65-d3f2cdd573ba
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
8
content-length
0
x-amz-cf-id
Tu3mpFTLVdUlbZnb5UX92oqLFy7y9dO22CyjGcmcxItrdhDmS-YfgQ==

Redirect headers

date
Sun, 30 Apr 2023 03:26:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=6237e64e-5b61-0e3c-1e65-d3f2cdd573ba
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 7D6B
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-CV0nKTJE2uGNpSNEBwVnv0haG9k4iO4C~A
0
234 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-CV0nKTJE2uGNpSNEBwVnv0haG9k4iO4C~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:08 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
7APN3vrCP76T3xIgpPCF-0wIJDHkqTL-MjpNGtR4AsILeMUi_rujJQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-CV0nKTJE2uGNpSNEBwVnv0haG9k4iO4C~A
date
Sun, 30 Apr 2023 03:26:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 7D6B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a&ttl=1685417168
0
348 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a&ttl=1685417168
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
9
content-length
0
x-amz-cf-id
IDQ66mC9SsqxqHc7IvadXOh3fcqRl9IVBa0Eqz3VQWqW03ewpOzgXw==

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=afe08c8f-46f3-496c-a20b-84defbb30b2a&ttl=1685417168
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
sync
usr.undertone.com/userPixel/ Frame 7D6B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH2UNJ0D-11-I4FG
0
335 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH2UNJ0D-11-I4FG
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
JQIZYdxEuF1HTKNEgbCaTg-WJ1u6d8IliS-MXY5Ju1uglB1IL6lT2g==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH2UNJ0D-11-I4FG
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
sync
usr.undertone.com/userPixel/ Frame 7D6B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkUxMDAxQTctODM5QS00RUQ5LTg3NzgtNUI0MDBFOTcwREM4&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC7DbHen0P3Jr8OrdL6zMbo&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D2E1001A7-839A-4ED9-8778-5B400E970DC8
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=2E1001A7-839A-4ED9-8778-5B400E970DC8
0
350 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=2E1001A7-839A-4ED9-8778-5B400E970DC8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:08 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
6
content-length
0
x-amz-cf-id
pVDvWJo3E9zkcRx6WxvGbDqQN8SyqPA3QUSVgcavqTFHApuZ6juk6w==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=2E1001A7-839A-4ED9-8778-5B400E970DC8
date
Sun, 30 Apr 2023 03:26:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 7D6B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341
0
356 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
9
content-length
0
x-amz-cf-id
dPlevPYp0Ea_eMmlvj1VZUsLoe0o4cOvl_0oDWp6mGHdRv3CBP476w==

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:07 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=7445e901-6a06-4f6e-9922-eae1bd88b8e4-644ddfcd-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 7D6B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-J5A_7IFE2uEPnEwkS6aquNupozOD.WsGM4nstTQ-~A
0
357 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-J5A_7IFE2uEPnEwkS6aquNupozOD.WsGM4nstTQ-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:07 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
7
content-length
0
x-amz-cf-id
CB65XoO1Sr45_7GFk-VNSbp4GWFkQ_CWUffCarOfhn8ay6Jv4rpPiQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-J5A_7IFE2uEPnEwkS6aquNupozOD.WsGM4nstTQ-~A
date
Sun, 30 Apr 2023 03:26:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 7D6B
0
427 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=835c2eb0c16442b085059e2a41c03f29
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:08 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 30 Apr 2023 03:26:08 GMT
ibs:dpid=152416&dpuuid=7rys0npxije17xsinzlp26wbt
dpm.demdex.net/ Frame 7D6B
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=7rys0npxije17xsinzlp26wbt
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-31-66.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v047-00a107d49.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
EAMxsGa8T0Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 7D6B
62 B
314 B
Image
General
Full URL
https://tags.bluekai.com/site/15597?id=7rys0npxije17xsinzlp26wbt
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 30 Apr 2023 03:26:08 GMT
content-length
62
content-type
image/gif
liveramp.com
pippio.com/api/ Frame 7D6B
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=7rys0npxije17xsinzlp26wbt
  • https://pippio.com/api/sync?pid=5324&it=1&iv=56a0e8c59cc83973493f2346d42b002e5dd6947ce58ac8256811d3350336609e791426b5417dce21&_=2
  • https://pippio.com/api/liveramp.com
0
0
Image
General
Full URL
https://pippio.com/api/liveramp.com
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Apr 2023 03:26:08 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
liveramp.com
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 7D6B
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=7rys0npxije17xsinzlp26wbt
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.32.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-32-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n013-ash-prod.krxd.net
date
Sun, 30 Apr 2023 03:26:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1682825168
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5857
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:79b9:bad9:3afb:a3d4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 5857
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6812978323417459240
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6812978323417459240
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:26:08 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cdcb0817-0373-4d74-99c2-be53a641e60c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6812978323417459240
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5857
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:79b9:bad9:3afb:a3d4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB
date
Sun, 30 Apr 2023 03:26:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5857
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAG0Mk7Im8AAACX0SAR5zg&expiration=1684034768
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAG0Mk7Im8AAACX0SAR5zg&expiration=1684034768
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAG0Mk7Im8AAACX0SAR5zg&expiration=1684034768
Date
Sun, 30 Apr 2023 03:26:08 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 5857
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188715268096521
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188715268096521
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188715268096521
Date
Sun, 30 Apr 2023 03:26:08 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 5857
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=ED518F86BDFC4BD09DCABEFA949D728C
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=ED518F86BDFC4BD09DCABEFA949D728C
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 03:26:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=ED518F86BDFC4BD09DCABEFA949D728C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 03:26:08 GMT
rum
dsum-sec.casalemedia.com/ Frame 5857
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3fzgAGdc7k6wBS
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3fzgAGdc7k6wBS
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yul12834-YUL
pragma
no-cache
date
Sun, 30 Apr 2023 03:26:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682825168.189957,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3fzgAGdc7k6wBS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
usr.undertone.com/userPixel/ Frame 5857
0
349 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZE3fzJzbDxeIlhYvWWXiLwAAAB8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:08 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
6
content-length
0
x-amz-cf-id
WJK1vAVDvIHIDDVM_7xnJghbI6istv9OIVEzt7vnh0Z9X5KU4D-LHQ==
usync.js
eus.rubiconproject.com/ Frame 51CE
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:08 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51841
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:50:09 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 3BB9
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.144.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-144-110.compute-1.amazonaws.com
Software
/
Resource Hash
b64e97b23e9e1c6c12f0be6114e0c8d368be59b87c885bafba08ec14d6da7063

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 03:26:08 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 30 Apr 2023 03:26:08 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 03:26:08 GMT
location
/um/cs&eq_cc=1
crum
dsum-sec.casalemedia.com/ Frame 3BB9
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d2441d25-b176-49b4-8c8e-3df4ebafd263&expiration=1690687568
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0
sync
usr.undertone.com/userPixel/ Frame 51CE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0&khaos=LH2UNJ0D-11-I4FG
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
0
335 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1YNN
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:08 GMT
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
zWVESAPyLM0JCjidrLFFd8JmGpZXLVLFATf16I5cThXcOSGJlaUnhA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LH2UNJ0D-11-I4FG&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
28
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7bfcae790b3c7133-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 03 May 2023 03:26:08 GMT
contextfeed.js
www.dianomi.com/js/
0
0
Script
General
Full URL
https://www.dianomi.com/js/contextfeed.js
Requested by
Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/itpro/673941/media/shared/js/main.abcefa329387d8fe88e2.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2646
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7bfcae793b867133-YUL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 03 May 2023 03:26:08 GMT
ping.gif
prd.jwpltx.com/v1/jwplayer6/
0
88 B
Image
General
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=722424592&e=e&n=6826595444700274&abc=0&abt=128_sendDomainToFeedsOn&aid=wRvAOEYoEeyfkEbo2AynAw&amp=0&ask=dqH3tS48&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=1x4v1nh12yrk&i=0&id=VghWffSP&lid=wqelaob951sv&lsa=read&mt=1&pbd=1&pbr=1&pgi=18uryfj13ys1&ph=1&pid=aWeJUC35&pii=0&pl=339&plc=5&pli=1vdihht1b0g7&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro&pu=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&pv=8.26.9&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=It%20Pro%20Asks%20%7C%20Is%20A%20Four-day%20Working%20Week%20Right%20For%20Your%20Business%3F&tv=3.42.2&vb=0&vi=0&vl=90&wd=602&ab=1&bpv=7.1.1&cae=0&cb=1&cdid=botr_YYRngYhb_aWeJUC35_div&cme=0&dd=1&fed=YYRngYhb&flc=0&fv=&ga=0&ipv=0.7.1&lng=en&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FVghWffSP.m3u8&pbc=0&pd=2&pdr=&plng=en&plt=5200&pni=0&po=0&pogt=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries&sp=0&st=1240&sa=1682825165193
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12830-YUL
date
Sun, 30 Apr 2023 03:26:09 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/clienta/
0
26 B
Image
General
Full URL
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12830-YUL
date
Sun, 30 Apr 2023 03:26:09 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/clienta/
0
26 B
Image
General
Full URL
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12830-YUL
date
Sun, 30 Apr 2023 03:26:09 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
gtm.js
www.googletagmanager.com/
100 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DWSLFH
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
937aac98f13bf892c36cc5f50146f54052271ae66368f565506796826de269b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39921
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Apr 2023 03:26:10 GMT
gtm.js
www.googletagmanager.com/
190 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KHCPGDF
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b78fb90f007ec2613b516660da8a40745400bb38e93df98b13734ca8ac43687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62011
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Apr 2023 03:26:10 GMT
js
www.googletagmanager.com/gtag/
226 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHCPGDF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
687d700fbd8f929109c6796ce90d38138a865c1671f8971ecad8200f6f3805b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79571
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 03:26:10 GMT
tag
btloader.com/
Redirect Chain
  • https://futureplc-com.videoplayerhub.com/galleryplayer.js
  • https://btloader.com/tag?h=futureplc-com&upapi=true
22 KB
8 KB
Script
General
Full URL
https://btloader.com/tag?h=futureplc-com&upapi=true
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
502ce491f9981b7e125f4eb591c25f78e16a759cf52d4726d26eae2b57fdef9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 30 Apr 2023 03:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1252
etag
W/"53c836a50be1d941b9ddbdd5624b6bb6"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJUUr5baCLgxoMsRmS8VJYCjvg4TFByFf4VoP9vZtBCrqO8o2M42uGIrGE0naEuqfQ6a55lVK36IAaIqJKcgdZvKXRvm5xYe3oWBiC6MELb7890Z142bmprvMT%2FtBncQ2OvuCPRDNp5xjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7bfcae847b12ca98-YYZ

Redirect headers

date
Sun, 30 Apr 2023 03:26:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bMoSmqQwtF09U6PxIFvKaKtLMz61SoqDIknQhUYf%2BypQxFD%2FxkB9DhPKGXxEec3jvJ4JwsnlJQIN9CabYKsUgJgE7mzLWZHXvrLzg268AzEi06waWgGE%2FLX1D7wjCWvrytJnxKJMHMU7uNkOtoFnqT9fu5acVDC%2FuWMTJMl"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=futureplc-com&upapi=true
cache-control
max-age=3600
cf-ray
7bfcae839edfa220-YYZ
expires
Sun, 30 Apr 2023 04:26:10 GMT
540347474949339
connect.facebook.net/signals/config/
375 KB
107 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/540347474949339?v=2.9.103&r=canary
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aeece92e7a5e48afb1d478e5b3c3801dc5216d911cb24fc0140b972a21661af8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 30 Apr 2023 03:26:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
eVZBcnQQ01QvWICfHkvrXqGVAJVudpzkXYZuEbDbKHX1olJJB1Bvscz+Z98htrgJXbA0F8CI0xG7hDne/4ezIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
itpro.js
cdn.brandmetrics.com/tag/62da25c406df470db725091722ab7306/
0
0
Script
General
Full URL
https://cdn.brandmetrics.com/tag/62da25c406df470db725091722ab7306/itpro.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS9PS4yHS%2FgTPUQVhYCIgRfIIMSyF4qnCQGjBymQvTRPcB5136btQnfJltE9L%2FDTrzZMlRibN7e%2BJhkuBg1vUICERf6rlt8AYhRQBnDFuLB4NLv3posPNbxZQsX%2F7RzThH2Oymxgi%2F5v2bY13CV0%2BaWc"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=3600
cf-ray
7bfcae839e48a1de-YYZ
content-length
0
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
px.js
p.cpx.to/p/12529/
2 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/12529/px.js
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.155.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-155-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d3534d2e3f9e77a667106416716da4f605ea3f1a3180a13d90d89622e96f9ffa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
cache-control
max-age=2419200, public
content-length
1990
content-type
application/javascript; charset=UTF-8
tag.aspx
ml314.com/
31 KB
11 KB
Script
General
Full URL
https://ml314.com/tag.aspx?3032023
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:53:25 GMT
content-encoding
br
age
1965
x-guploader-uploadid
ADPycdv14WRmbcLYb9Zz4GC3aJtQvS_uIuFK7w69yYNd9lCwA68flhAir7bCpE8F17I2bkgudTGIBONfRiY-uMGFx-vCIo0hSnd8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10521
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
YUL-62c5aa93
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
collect
analytics.google.com/g/
0
253 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-E36MVD1BQT&gtm=45je34q0&_p=825535187&_gaz=1&cid=955708892.1682825163&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=1&sid=1682825170&sct=1&seg=0&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&dt=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro&en=ad_impression&_fv=1&_ss=1&ep.query_id=CJ-kwqHU0P4CFUb0yAodUWMOfQ
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E36MVD1BQT&cid=955708892.1682825163&gtm=45je34q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-E36MVD1BQT&gtm=45je34q0&_p=825535187&cid=955708892.1682825163&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1682825170&sct=1&seg=0&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&dt=Microsoft%20blocks%20customer%20access%20to%20malicious%20SolarWinds%20binaries%20%7C%20ITPro&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E36MVD1BQT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.itpro.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.itpro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E36MVD1BQT&cid=955708892.1682825163&gtm=45je34q0&aip=1&z=981421804
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utsync.ashx
ml314.com/
644 B
1 KB
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=51599&ct=js&pi=&fp=&clid=&us_privacy=1YNN&cbo=1&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&pv=1682825170571_dkv8uxuo3&bl=en-us&cb=5661928&return=&ht=&d=&dc=&si=1682825170571_dkv8uxuo3&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?3032023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
30b5ca931526bd5b415760ad5cd17573072ea36badf5283fe768e3002ac1521b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:10 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
expires
0
ud.ashx
in.ml314.com/
20 B
482 B
Script
General
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=3032023&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?3032023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.24.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-24-142.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:26:10 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Mon, 01 May 2023 03:26:10 GMT
ibs:dpid=22052&dpuuid=3635329782389407799&redir=
dpm.demdex.net/
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3635329782389407799&redir=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-31-66.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v047-0c44417bd.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Qsgq9wmSTwE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/
Redirect Chain
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3635329782389407799
  • https://ml314.com/csync.ashx?fp=024cc078aec884c318d65e1b7f6c71876149f15d67b20a289b513722654e025cf4cb09cee1a4f8eb&person_id=3635329782389407799&eid=50082
43 B
60 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=024cc078aec884c318d65e1b7f6c71876149f15d67b20a289b513722654e025cf4cb09cee1a4f8eb&person_id=3635329782389407799&eid=50082
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:09 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Sun, 30 Apr 2023 23:26:10 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:26:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=024cc078aec884c318d65e1b7f6c71876149f15d67b20a289b513722654e025cf4cb09cee1a4f8eb&person_id=3635329782389407799&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
utsync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
43 B
64 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:09 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Sun, 30 Apr 2023 23:26:10 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=afe08c8f-46f3-496c-a20b-84defbb30b2a&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3635329782389407799
  • https://ml314.com/csync.ashx?fp=c88c517ca66cae3c568bf3eaa3ba3d1f&eid=50146&person_id=3635329782389407799
43 B
60 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=c88c517ca66cae3c568bf3eaa3ba3d1f&eid=50146&person_id=3635329782389407799
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Sun, 30 Apr 2023 23:26:10 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=c88c517ca66cae3c568bf3eaa3ba3d1f&eid=50146&person_id=3635329782389407799
cache-control
no-cache
x-server
10.40.42.8
content-length
0
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2WhdRtQ2Ev9Ba8mT8MEvcv8vd3qIIPmKfTT5kswRzXZc&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=2WhdRtQ2Ev9Ba8mT8MEvcv8vd3qIIPmKfTT5kswRzXZc&person_id=3635329782389407799&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:26:10 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Sun, 30 Apr 2023 03:26:10 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
expires
Sun, 30 Apr 2023 23:26:10 GMT
px.gif
ad-delivery.net/
43 B
935 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201551
x-guploader-uploadid
ADPycdt_e1uvDZ9znMbUCBkDZP4LwJp4S2JB_HRIM8QnmxkUBhIk2e4w9kGpe6AYWl0IQDssl86SP8spaaQi05kkyQ799pw85mlx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yfZnVe5zOvPMHgGA6klgVF6g3gLTFNZdHqvttVQBqiAN1uP6g7qspJB8Vbec%2Bnuhok8VqP%2FhWCBxDMClFOeTfVb2D9MOkC%2BB8mAUTD1zM%2B7FuP7Bxx%2B7LXnxi6wzvp2ckjjts3TSioyMC665g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bfcae852b91a216-YYZ
expires
Thu, 27 Apr 2023 19:49:22 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 10:33:26 GMT
px.gif
ad-delivery.net/
43 B
341 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.13517463176424926
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201551
x-guploader-uploadid
ADPycdt_e1uvDZ9znMbUCBkDZP4LwJp4S2JB_HRIM8QnmxkUBhIk2e4w9kGpe6AYWl0IQDssl86SP8spaaQi05kkyQ799pw85mlx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v1%2FESy0109kYS9caf29FD7yE%2Bv2C3E8vtTp%2Fd37P7OnpMxZvpSUV01YEyhnCQ2xC5mAi%2FhyVJELxhZbAKgF6I4e%2BFKA%2BpurGc905dG5l4eszwLYIK0VEM20V4D2JithKcrdqHoWKmvw5Y9JEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7bfcae852b95a216-YYZ
expires
Thu, 27 Apr 2023 19:49:22 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=540347474949339&ev=PageView&dl=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&rl=&if=false&ts=1682825170700&sw=1600&sh=1200&v=2.9.103&r=canary&ec=0&o=30&ttf=10655.70000076294&tts=3138.099998474121&ttse=3789.7999992370605&cs_est=true&fbp=fb.1.1682825163828.282071913&it=1682825163192&coo=false&rqm=GET
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 30 Apr 2023 03:26:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
fire.js
s.cpx.to/
738 B
1 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&hn_ver=40&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12529/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.12.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-12-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e6f02adf0c747af952421fed264b61a9d568062b964d3512e24ee05d755494ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Sun, 30 Apr 2023 03:26:11 GMT
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
738
expires
Sun, 30 Apr 2023 03:26:11 GMT
country
api.btloader.com/
16 B
203 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: futureplc-com.videoplayerhub.com
URL: https://futureplc-com.videoplayerhub.com/galleryplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:26:10 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=eBlmIj9U1&w=5184536619515904&o=5682682429177856&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&sid=B7HjhWlfB&upapi=true
Requested by
Host: futureplc-com.videoplayerhub.com
URL: https://futureplc-com.videoplayerhub.com/galleryplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:26:10 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12529%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.itpro.com%252Fsecurity%252F358153%252Fmicrosoft-bloc...
  • https://s.cpx.to/an_fire?app_nexus_uid=6812978323417459240&pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&hn_...
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=6812978323417459240&pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&hn_ver=40&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
34.246.12.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-12-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
p3p
CP="NOI DEV ADM"
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
expires
Sun, 30 Apr 2023 03:26:11 UTC

Redirect headers

Date
Sun, 30 Apr 2023 03:26:11 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9c5583f3-498a-4715-af1f-f3176697c002
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://s.cpx.to/an_fire?app_nexus_uid=6812978323417459240&pid=12529&ref=&url=https%3A%2F%2Fwww.itpro.com%2Fsecurity%2F358153%2Fmicrosoft-blocks-customer-access-to-malicious-solarwinds-binaries&hn_ver=40&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
  • https://s.cpx.to/ca.png?dsp=dbm&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99&google_gid=CAESEMNZhkBEGxzoQT67rRxx99c&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99&google_gid=CAESEMNZhkBEGxzoQT67rRxx99c&google_cver=1
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
34.246.12.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-12-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 30 Apr 2023 03:26:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/ca.png?dsp=dbm&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99&google_gid=CAESEMNZhkBEGxzoQT67rRxx99c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2E1001A7-839A-4ED9-8778-5B400E970DC8&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
95 B
589 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2E1001A7-839A-4ED9-8778-5B400E970DC8&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
34.246.12.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-12-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Sun, 30 Apr 2023 03:26:11 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Sun, 30 Apr 2023 03:26:11 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=2E1001A7-839A-4ED9-8778-5B400E970DC8&fid=8d307f5d-20a0-4c07-bcc7-f2b73a83cb99
date
Sun, 30 Apr 2023 03:26:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
s.cpx.to/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=afe08c8f-46f3-496c-a20b-84defbb30b2a&dsp=TTD
95 B
584 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=afe08c8f-46f3-496c-a20b-84defbb30b2a&dsp=TTD
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
HTTP/1.1
Server
34.246.12.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-12-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.itpro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Sun, 30 Apr 2023 03:26:11 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Sun, 30 Apr 2023 03:26:11 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:26:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=afe08c8f-46f3-496c-a20b-84defbb30b2a&dsp=TTD
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
179
/
www.facebook.com/tr/ Frame 9773
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.itpro.com
URL: https://www.itpro.com/security/358153/microsoft-blocks-customer-access-to-malicious-solarwinds-binaries
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.itpro.com
Referer
https://www.itpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.itpro.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 03:26:11 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]


202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


309 Cookies


10 Console Messages

Source Level URL
Text
network error URL: https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,94788
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=89871,90272,94788
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://vanilla.futurecdn.net/itpro/media/shared/js/jwplayer-sticky-desktop.147dc0f8715e81aca16a.chunk.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=733&segid=85395,89871,90272,94788
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://jwplayer.technoratimedia.com/openrtb/bids/jwplayer?src=prebid_prebid_7.6.0
Message:
Failed to load resource: the server responded with a status of 458 ()
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://pippio.com/api/liveramp.com
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://www.dianomi.com/js/contextfeed.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.brandmetrics.com/tag/62da25c406df470db725091722ab7306/itpro.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header: Value
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
