urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Submission: On December 15 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 11 countries across 136 domains to perform 443 HTTP transactions. The main IP is 104.20.59.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 61421.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 11th 2022. Valid for: a year.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.59.209 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
33 104.26.13.6 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
5 23.198.216.120 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 15 151.101.66.137 54113 (FASTLY)
1 143.204.146.41 16509 (AMAZON-02)
2 52.85.61.120 16509 (AMAZON-02)
3 2600:1901:0:7... 15169 (GOOGLE)
7 34.160.110.8 15169 (GOOGLE)
1 142.251.40.166 15169 (GOOGLE)
1 184.28.213.65 16625 (AKAMAI-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
1 3 18.164.96.90 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
1 23.54.69.151 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 151.101.130.137 54113 (FASTLY)
16 17 15.197.193.217 16509 (AMAZON-02)
4 12 35.190.60.146 15169 (GOOGLE)
3 3 192.35.249.138 11742 (SPOTX-IAD)
4 34.160.128.112 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 4 2620:100:a001::c 19750 (AS-CRITEO)
3 143.204.144.76 16509 (AMAZON-02)
2 74.119.119.139 19750 (AS-CRITEO)
6 100.20.115.147 16509 (AMAZON-02)
2 130.211.23.194 15169 (GOOGLE)
1 3 2620:116:800b... 14618 (AMAZON-AES)
1 184.28.213.46 16625 (AKAMAI-AS)
1 108.139.50.211 16509 (AMAZON-02)
1 104.64.59.24 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:21d... 16509 (AMAZON-02)
1 141.95.33.111 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
12 34.107.140.113 396982 (GOOGLE-CL...)
2 34.149.20.76 15169 (GOOGLE)
2 8.2.111.124 46636 (NATCOWEB)
2 2a02:2638::24 44788 (ASN-CRITE...)
2 69.166.1.15 27630 (AS-XFERNET)
4 34.236.83.94 14618 (AMAZON-AES)
1 2 3.92.113.255 14618 (AMAZON-AES)
1 54.88.76.203 14618 (AMAZON-AES)
1 10 50.16.138.112 14618 (AMAZON-AES)
2 141.95.98.64 16276 (OVH)
1 44.237.176.198 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 3 63.251.86.49 32475 (SINGLEHOP...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 6 68.67.179.89 29990 (ASN-APPNEX)
1 9 44.239.200.92 16509 (AMAZON-02)
2 10 162.248.18.37 62713 (AS-PUBMATIC)
6 8 107.178.246.49 15169 (GOOGLE)
18 25 142.250.176.194 15169 (GOOGLE)
7 8 8.43.72.98 26667 (RUBICONPR...)
5 22 34.98.64.218 396982 (GOOGLE-CL...)
4 5 3.218.90.66 14618 (AMAZON-AES)
1 4 23.49.100.28 16625 (AKAMAI-AS)
2 2 44.209.207.157 14618 (AMAZON-AES)
6 6 68.67.161.208 29990 (ASN-APPNEX)
22 195.244.31.10 63140 (IGUANA-WO...)
1 18.164.96.6 16509 (AMAZON-02)
17 17 35.211.178.172 19527 (GOOGLE-2)
2 2 199.38.167.130 54312 (ROCKETFUEL)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
6 7 34.226.72.146 14618 (AMAZON-AES)
1 1 109.206.161.21 50245 (SERVEREL-AS)
2 2 35.214.223.115 15169 (GOOGLE)
6 6 70.42.32.127 22075 (AS-OUTBRAIN)
4 5 72.247.65.183 16625 (AKAMAI-AS)
1 1 3.132.97.243 16509 (AMAZON-02)
3 3 54.243.58.43 14618 (AMAZON-AES)
1 1 63.251.28.233 13789 (INTERNAP-...)
2 2 96.46.183.20 7979 (SERVERS-COM)
1 1 192.132.33.46 18568 (BIDTELLECT)
1 107.151.11.50 55081 (24SHELLS)
6 184.28.212.188 16625 (AKAMAI-AS)
2 51.222.39.186 16276 (OVH)
5 5 104.127.172.242 16625 (AKAMAI-AS)
10 23.192.31.127 16625 (AKAMAI-AS)
1 199.187.193.177 47043 (SMARTADSE...)
2 2620:100:a001::4 19750 (AS-CRITEO)
5 8.28.7.81 62713 (AS-PUBMATIC)
1 1 213.19.162.80 26667 (RUBICONPR...)
2 2 2600:1f18:1c9... 14618 (AMAZON-AES)
1 4 199.187.193.192 47043 (SMARTADSE...)
2 2 198.148.27.140 19189 (PULSEPOINT)
3 3 151.101.194.49 54113 (FASTLY)
2 23 8.28.7.83 62713 (AS-PUBMATIC)
3 7 209.54.182.161 16509 (AMAZON-02)
8 8 216.200.232.249 30419 (MEDIAMATH...)
1 3.218.77.41 14618 (AMAZON-AES)
2 3 34.225.175.117 14618 (AMAZON-AES)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
3 5 2600:1f18:4e9... 14618 (AMAZON-AES)
4 8.28.7.84 62713 (AS-PUBMATIC)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 6 8.43.72.97 26667 (RUBICONPR...)
2 2 67.220.228.202 16509 (AMAZON-02)
2 8 23.227.139.243 55081 (24SHELLS)
8 22 35.71.139.29 16509 (AMAZON-02)
6 6 207.198.113.86 13768 (COGECO-PEER1)
3 4 3.211.208.93 14618 (AMAZON-AES)
10 10 199.127.204.171 26120 (RHYTHMONE)
3 5 35.227.252.103 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:251... 16509 (AMAZON-02)
1 34.120.107.143 396982 (GOOGLE-CL...)
17 23.200.196.24 16625 (AKAMAI-AS)
2 23.44.133.61 20940 (AKAMAI-ASN1)
5 104.81.240.21 16625 (AKAMAI-AS)
1 23.22.34.165 14618 (AMAZON-AES)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 23.78.138.84 16625 (AKAMAI-AS)
10 10 2606:ae80:147... 25751 (VALUECLICK)
3 3 54.83.173.41 14618 (AMAZON-AES)
2 2 74.119.119.150 19750 (AS-CRITEO)
3 3 35.190.90.30 15169 (GOOGLE)
1 2 108.139.29.63 16509 (AMAZON-02)
4 4 35.207.24.140 15169 (GOOGLE)
13 13 67.202.105.24 32748 (STEADFAST)
2 4 67.202.105.33 32748 (STEADFAST)
2 2 52.207.100.100 14618 (AMAZON-AES)
3 3 54.82.227.189 14618 (AMAZON-AES)
2 4 104.18.99.194 13335 (CLOUDFLAR...)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 204.62.13.72 46636 (NATCOWEB)
5 6 185.167.164.49 198622 (ADFORM)
2 34.205.97.218 14618 (AMAZON-AES)
2 2 54.243.126.57 14618 (AMAZON-AES)
11 34.117.239.71 396982 (GOOGLE-CL...)
1 1 141.148.45.191 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
1 2 52.1.215.83 14618 (AMAZON-AES)
1 2 50.57.31.206 19994 (RACKSPACE)
1 2 4.78.226.233 3356 (LEVEL3)
1 44.208.184.190 14618 (AMAZON-AES)
2 2 34.204.240.59 14618 (AMAZON-AES)
2 2 173.231.178.116 32475 (SINGLEHOP...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 2 54.81.205.56 14618 (AMAZON-AES)
2 2 104.66.251.81 16625 (AKAMAI-AS)
1 1 172.104.105.5 63949 (LINODE-AP...)
1 5.161.47.120 213230 (HETZNER-C...)
1 35.186.193.173 15169 (GOOGLE)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
3 3 141.94.171.216 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 159.65.196.12 14061 (DIGITALOC...)
443 119
1    104.20.59.209 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bleepingcomputer.com
1    2607:f8b0:4006:80c::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
33    104.26.13.6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bleepstatic.com
6    2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
2    2607:f8b0:4006:824::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:81f::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
5    2607:f8b0:4006:823::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
5    2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
5    23.198.216.120 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-120.deploy.static.akamaitechnologies.com
s9.addthis.com
v1.addthisedge.com
m.addthis.com
s7.addthis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
15    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
img.connatix.com
cks.connatix.com
1    143.204.146.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-41.ewr52.r.cloudfront.net
ecdn.analysis.fi
2    52.85.61.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-120.ewr53.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
3    2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
functionalfeather.com
7    34.160.110.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.110.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
1    142.251.40.166 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net
ad.doubleclick.net
1    184.28.213.65 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-213-65.deploy.static.akamaitechnologies.com
widgets.outbrain.com
3    2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ca
3    18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net
sb.scorecardresearch.com
3    2607:f8b0:4006:80d::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:21dd:0:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    23.54.69.151 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-69-151.deploy.static.akamaitechnologies.com
z.moatads.com
1    2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
8    2607:f8b0:4006:80e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
securepubads.g.doubleclick.net
3    2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
3    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
ins.connatix.com
vid.connatix.com
17    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
12    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
3    192.35.249.138 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
4    34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    143.204.144.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-144-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
6    100.20.115.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-115-147.us-west-2.compute.amazonaws.com
id.hadron.ad.gt
seg.hadron.ad.gt
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
3    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    184.28.213.46 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-213-46.deploy.static.akamaitechnologies.com
s.ntv.io
1    108.139.50.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-50-211.jfk50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    104.64.59.24 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-59-24.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:21dd:a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
12    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    8.2.111.124 (United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
2    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
4    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
2    3.92.113.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-113-255.compute-1.amazonaws.com
match.sharethrough.com
1    54.88.76.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-76-203.compute-1.amazonaws.com
jadserve.postrelease.com
10    50.16.138.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-138-112.compute-1.amazonaws.com
ads.yieldmo.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    44.237.176.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-176-198.us-west-2.compute.amazonaws.com
a.ad.gt
1    2607:f8b0:4006:808::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
e0923b16691b2b855992e1f8c6e4bed1.safeframe.googlesyndication.com
3    63.251.86.49 (Woodbridge, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
6    68.67.179.89 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
9    44.239.200.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-200-92.us-west-2.compute.amazonaws.com
ids.ad.gt
10    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
8    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
25    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
cm.g.doubleclick.net
8    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-us-east.rubiconproject.com
22    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
google-bidout-d.openx.net
5    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
4    23.49.100.28 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-100-28.deploy.static.akamaitechnologies.com
hbx.media.net
c21lg-d.media.net
2    44.209.207.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-207-157.compute-1.amazonaws.com
cs.emxdgt.com
6    68.67.161.208 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
22    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
1    18.164.96.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-6.jfk50.r.cloudfront.net
api-2-0.spot.im
17    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
7    34.226.72.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-72-146.compute-1.amazonaws.com
match.prod.bidr.io
1    109.206.161.21 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
2    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
6    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
5    72.247.65.183 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-65-183.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
1    3.132.97.243 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-97-243.us-east-2.compute.amazonaws.com
sync.adotmob.com
3    54.243.58.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-58-43.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    63.251.28.233 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    107.151.11.50 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.spotim.market
6    184.28.212.188 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-212-188.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
5    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.192.31.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
5    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    2600:1f18:1c96:4103:3aff:d9d1:28bb:85c3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
4    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
23    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
7    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    216.200.232.249 (New Market, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    3.218.77.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-77-41.compute-1.amazonaws.com
bpi.rtactivate.com
3    34.225.175.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-175-117.compute-1.amazonaws.com
i.liadm.com
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
5    2600:1f18:4e9:5a07:5032:8a68:2087:27ba (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
8    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
22    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
6    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    3.211.208.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-208-93.compute-1.amazonaws.com
sync.crwdcntrl.net
10    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2600:9000:2511:6800:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
17    23.200.196.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
2    23.44.133.61 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-133-61.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
5    104.81.240.21 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-240-21.deploy.static.akamaitechnologies.com
warp.media.net
hblg.media.net
cs.media.net
1    23.22.34.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-34-165.compute-1.amazonaws.com
protected-by.clarium.io
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    23.78.138.84 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-138-84.deploy.static.akamaitechnologies.com
lg3.media.net
10    2606:ae80:1471:12::440 (United States)

ASN25751 (VALUECLICK, US)
medianet-match.dotomi.com
yieldmo-match.dotomi.com
33across-match.dotomi.com
pubmatic-match.dotomi.com
3    54.83.173.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-173-41.compute-1.amazonaws.com
pm.w55c.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
2    108.139.29.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-63.jfk50.r.cloudfront.net
aa.agkn.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
13    67.202.105.24 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
2    52.207.100.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-100-100.compute-1.amazonaws.com
aorta.clickagy.com
3    54.82.227.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-227-189.compute-1.amazonaws.com
sync.ipredictive.com
4    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
6    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    34.205.97.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-97-218.compute-1.amazonaws.com
sync-adform.ads.yieldmo.com
2    54.243.126.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-126-57.compute-1.amazonaws.com
t.pswec.com
11    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    141.148.45.191 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    52.1.215.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-215-83.compute-1.amazonaws.com
io.narrative.io
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    4.78.226.233 (Paradise, United States)

ASN3356 (LEVEL3, US)
pmp.mxptint.net
1    44.208.184.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-184-190.compute-1.amazonaws.com
rtb.adentifi.com
2    34.204.240.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-240-59.compute-1.amazonaws.com
ads.creative-serving.com
2    173.231.178.116 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-8.sys.adgear.com
cm.adgrx.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    54.81.205.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-205-56.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    104.66.251.81 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-66-251-81.deploy.static.akamaitechnologies.com
px.owneriq.net
1    172.104.105.5 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1715-5.members.linode.com
gocm.c.appier.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
3    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
49 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 852
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image4.pubmatic.com — Cisco Umbrella Rank: 824
simage4.pubmatic.com — Cisco Umbrella Rank: 1176 Failed
aud.pubmatic.com — Cisco Umbrella Rank: 4185
63 KB
34 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 161
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
175 KB
33 bleepstatic.com
www.bleepstatic.com — Cisco Umbrella Rank: 89483
558 KB
30 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 563
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 835
eus.rubiconproject.com — Cisco Umbrella Rank: 529
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2005
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 957
63 KB
28 media.net
hbx.media.net — Cisco Umbrella Rank: 1208
contextual.media.net — Cisco Umbrella Rank: 540
warp.media.net — Cisco Umbrella Rank: 2500
hblg.media.net — Cisco Umbrella Rank: 1815
lg3.media.net — Cisco Umbrella Rank: 5094
cs.media.net — Cisco Umbrella Rank: 1387
c21lg-d.media.net — Cisco Umbrella Rank: 1799
182 KB
28 openx.net
u.openx.net — Cisco Umbrella Rank: 653
rtb.openx.net — Cisco Umbrella Rank: 1546
us-u.openx.net — Cisco Umbrella Rank: 411
oajs.openx.net — Cisco Umbrella Rank: 2630
google-bidout-d.openx.net — Cisco Umbrella Rank: 2574
4 KB
26 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1969
ssc-cms.33across.com — Cisco Umbrella Rank: 848
events-ssc.33across.com — Cisco Umbrella Rank: 1882
9 KB
22 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 335
10 KB
22 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 769
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 4783
6 KB
18 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3356
cds.connatix.com — Cisco Umbrella Rank: 3433
capi.connatix.com — Cisco Umbrella Rank: 3609
ins.connatix.com — Cisco Umbrella Rank: 4665
capi-tier-1-us-east-2.connatix.com Failed
vid.connatix.com — Cisco Umbrella Rank: 4204
img.connatix.com — Cisco Umbrella Rank: 3994
cks.connatix.com — Cisco Umbrella Rank: 3731
628 KB
17 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
8 KB
17 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4234
a.ad.gt — Cisco Umbrella Rank: 3631
p.ad.gt — Cisco Umbrella Rank: 4335
ids.ad.gt — Cisco Umbrella Rank: 3201
seg.hadron.ad.gt — Cisco Umbrella Rank: 7976
29 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
9 KB
14 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1139
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
6 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
55 KB
13 pub.network
a.pub.network — Cisco Umbrella Rank: 4823
d.pub.network — Cisco Umbrella Rank: 5243
c.pub.network — Cisco Umbrella Rank: 5044
454 KB
12 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 414
ib.adnxs.com — Cisco Umbrella Rank: 210
11 KB
12 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 629
sync-adform.ads.yieldmo.com — Cisco Umbrella Rank: 6156
7 KB
12 t13.io
s2s.t13.io — Cisco Umbrella Rank: 4074
14 KB
12 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 567
api.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 331
1 KB
10 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 8215
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 4352
33across-match.dotomi.com — Cisco Umbrella Rank: 2790
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
3 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
bidder.criteo.com — Cisco Umbrella Rank: 713
dis.criteo.com — Cisco Umbrella Rank: 658
3 KB
9 spotim.market
s.spotim.market — Cisco Umbrella Rank: 5087
sync.spotim.market — Cisco Umbrella Rank: 2070
4 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
4 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 409
1 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
5 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
2 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
3 KB
6 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
4 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 522
4 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
2 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 761
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
3 KB
5 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
tags.bluekai.com — Cisco Umbrella Rank: 512
3 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
69 KB
4 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 500
847 B
4 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1393
5 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 901
1 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
2 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
35 KB
4 floors.dev
api.floors.dev — Cisco Umbrella Rank: 8279
5 KB
4 addthis.com
s9.addthis.com — Cisco Umbrella Rank: 136753
m.addthis.com — Cisco Umbrella Rank: 1627
s7.addthis.com — Cisco Umbrella Rank: 1678 Failed
217 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
e0923b16691b2b855992e1f8c6e4bed1.safeframe.googlesyndication.com
169 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
1 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3040
1 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 846
1 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 977
807 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
1 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 552
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
867 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 527
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
2 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 939
pixel.quantserve.com — Cisco Umbrella Rank: 666
cms.quantserve.com — Cisco Umbrella Rank: 639
11 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 562
2 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 897
api.btloader.com — Cisco Umbrella Rank: 1011
107 KB
3 google.ca
adservice.google.ca — Cisco Umbrella Rank: 14299
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
3 KB
3 functionalfeather.com
functionalfeather.com — Cisco Umbrella Rank: 51006
21 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3765
623 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 870
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1375
835 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
1011 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3857
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4141
965 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2021
643 B
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 3103
1 KB
2 bing.com
c.bing.com — Cisco Umbrella Rank: 255
953 B
2 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1552
867 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 705
715 B
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1711
592 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1376
675 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
58 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1736
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
508 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 707
2 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1031
640 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 487
539 B
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1452
sync.go.sonobi.com Failed
2 KB
2 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1425
502 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
650 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1010
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
74 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383
102 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 23217
cdn.firstimpression.io — Cisco Umbrella Rank: 23306
100 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
120 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
462 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
280 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3206
347 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4752
368 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1955
395 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2002
292 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1201
762 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1008
35 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 799
222 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1274
783 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2368
586 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4118
390 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1366
345 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2467
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2875
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
1 KB
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1644
109 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 696
482 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 595
578 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1368
750 B
1 e-volution.ai
sync.e-volution.ai — Cisco Umbrella Rank: 2473
506 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2081
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2646
192 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 971
649 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 868
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1200
17 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3120
148 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 3170
11 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6126
461 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
704 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1903
855 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 389
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
466 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1353
3 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 29029
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 999
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com Failed
1 KB
1 bleepingcomputer.com
www.bleepingcomputer.com — Cisco Umbrella Rank: 61421
16 KB
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 springserve.com Failed
tv.springserve.com Failed
443 136
Domain Requested by
33 www.bleepstatic.com www.bleepingcomputer.com
www.bleepstatic.com
25 cm.g.doubleclick.net 18 redirects www.bleepingcomputer.com
eus.rubiconproject.com
u.openx.net
eb2.3lift.com
ads.yieldmo.com
23 simage2.pubmatic.com 2 redirects ads.pubmatic.com
visitor.omnitagjs.com
www.bleepingcomputer.com
22 eb2.3lift.com 8 redirects a.pub.network
eb2.3lift.com
17 contextual.media.net www.bleepingcomputer.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
17 x.bidswitch.net 17 redirects
17 visitor.omnitagjs.com a.pub.network
visitor.omnitagjs.com
eus.rubiconproject.com
ssbsync.smartadserver.com
ads.pubmatic.com
s.spotim.market
17 match.adsrvr.org 16 redirects a.pub.network
16 us-u.openx.net 3 redirects u.openx.net
google-bidout-d.openx.net
13 ssc-cms.33across.com 13 redirects
12 s2s.t13.io a.pub.network
www.bleepingcomputer.com
visitor.omnitagjs.com
u.openx.net
11 events-ssc.33across.com de.tynt.com
eus.rubiconproject.com
10 eus.rubiconproject.com visitor.omnitagjs.com
eus.rubiconproject.com
contextual.media.net
de.tynt.com
10 image2.pubmatic.com 2 redirects ads.pubmatic.com
www.bleepingcomputer.com
10 ads.yieldmo.com 1 redirects a.pub.network
ads.yieldmo.com
9 ids.ad.gt 1 redirects www.bleepingcomputer.com
8 sync.spotim.market 2 redirects s.spotim.market
ads.pubmatic.com
8 sync.mathtag.com 8 redirects
8 pixel.tapad.com 6 redirects ads.pubmatic.com
google-bidout-d.openx.net
7 sync.1rx.io 7 redirects
7 s.amazon-adsystem.com 3 redirects ads.pubmatic.com
google-bidout-d.openx.net
eb2.3lift.com
7 match.prod.bidr.io 6 redirects visitor.omnitagjs.com
7 id.rlcdn.com 2 redirects www.bleepingcomputer.com
visitor.omnitagjs.com
contextual.media.net
u.openx.net
7 img.connatix.com www.bleepingcomputer.com
7 securepubads.g.doubleclick.net www.googletagservices.com
cd.connatix.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 pixel-sync.sitescout.com 6 redirects
6 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
6 ads.pubmatic.com visitor.omnitagjs.com
ads.pubmatic.com
s.spotim.market
contextual.media.net
a.pub.network
6 b1sync.zemanta.com 6 redirects
6 ib.adnxs.com 6 redirects
6 secure.adnxs.com 6 redirects
6 a.pub.network www.bleepingcomputer.com
a.pub.network
securepubads.g.doubleclick.net
5 idsync.rlcdn.com 2 redirects google-bidout-d.openx.net
www.bleepingcomputer.com
5 rtb.openx.net 3 redirects u.openx.net
5 px.ads.linkedin.com 4 redirects eus.rubiconproject.com
5 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
u.openx.net
5 image6.pubmatic.com ads.pubmatic.com
5 secure-assets.rubiconproject.com 5 redirects
5 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
5 ups.analytics.yahoo.com 4 redirects google-bidout-d.openx.net
5 u.openx.net 2 redirects a.pub.network
5 token.rubiconproject.com 4 redirects www.bleepingcomputer.com
4 33across-match.dotomi.com 4 redirects
4 p.adsymptotic.com 2 redirects eb2.3lift.com
4 de.tynt.com 2 redirects a.pub.network
4 rtb.mfadsrvr.com 4 redirects
4 sync.crwdcntrl.net 3 redirects visitor.omnitagjs.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 c.pub.network a.pub.network
4 c2shb.ssp.yahoo.com a.pub.network
4 id.hadron.ad.gt a.pub.network
id.hadron.ad.gt
4 gum.criteo.com 1 redirects contextual.media.net
4 api.floors.dev a.pub.network
4 fonts.gstatic.com fonts.googleapis.com
4 cds.connatix.com www.bleepingcomputer.com
cd.connatix.com
3 pixel.onaudience.com 3 redirects
3 pixel-us-east.rubiconproject.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 odr.mookie1.com 3 redirects
3 pm.w55c.net 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 ad.turn.com 3 redirects
3 i.liadm.com 2 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 stags.bluekai.com 3 redirects
3 creativecdn.com 3 redirects
3 ap.lijit.com 3 redirects
3 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
3 sync.search.spotxchange.com 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.ca pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 sb.scorecardresearch.com 1 redirects a.pub.network
www.bleepingcomputer.com
3 d.pub.network a.pub.network
3 functionalfeather.com a.pub.network
functionalfeather.com
3 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
2 tags.bluekai.com 1 redirects www.bleepingcomputer.com
2 visitor.fiftyt.com 2 redirects
2 px.owneriq.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 pmp.mxptint.net 1 redirects visitor.omnitagjs.com
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects visitor.omnitagjs.com
2 io.narrative.io 1 redirects visitor.omnitagjs.com
2 t.pswec.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 yieldmo-match.dotomi.com 2 redirects
2 sync-adform.ads.yieldmo.com ads.yieldmo.com
2 c.bing.com eb2.3lift.com
2 aorta.clickagy.com 2 redirects
2 c21lg-d.media.net contextual.media.net
www.bleepingcomputer.com
2 aa.agkn.com 1 redirects visitor.omnitagjs.com
2 dis.criteo.com 2 redirects
2 cs.media.net contextual.media.net
2 medianet-match.dotomi.com 2 redirects
2 lg3.media.net www.bleepingcomputer.com
2 pippio.com 2 redirects
2 hblg.media.net www.bleepingcomputer.com
2 qsearch-a.akamaihd.net www.bleepingcomputer.com
2 aax-eu.amazon-adsystem.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
www.bleepingcomputer.com
2 um.simpli.fi 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 static.criteo.net a.pub.network
static.criteo.net
2 onetag-sys.com visitor.omnitagjs.com
s.spotim.market
2 ads.betweendigital.com 2 redirects
2 csync.loopme.me 2 redirects
2 p.rfihub.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 hbx.media.net 1 redirects contextual.media.net
2 seg.hadron.ad.gt a.pub.network
2 id5-sync.com cdn.id5-sync.com
2 match.sharethrough.com 1 redirects ssbsync.smartadserver.com
2 apex.go.sonobi.com a.pub.network
2 bidder.criteo.com a.pub.network
2 colossusssp.com a.pub.network
2 ssc.33across.com a.pub.network
2 cdn.id5-sync.com www.bleepingcomputer.com
securepubads.g.doubleclick.net
2 api.btloader.com freestar-io.videoplayerhub.com
2 mug.criteo.com www.bleepingcomputer.com
2 ad-delivery.net www.bleepingcomputer.com
2 cks.connatix.com www.bleepingcomputer.com
2 ins.connatix.com cd.connatix.com
2 www.googletagservices.com a.pub.network
securepubads.g.doubleclick.net
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 s7.addthis.com s9.addthis.com
2 www.googletagmanager.com www.bleepingcomputer.com
www.googletagmanager.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aud.pubmatic.com www.bleepingcomputer.com
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb.adentifi.com visitor.omnitagjs.com
1 cms.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 protected-by.clarium.io www.bleepingcomputer.com
1 warp.media.net www.bleepingcomputer.com
1 oajs.openx.net oa.openxcdn.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 bpi.rtactivate.com ads.pubmatic.com
1 pixel-eu.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com visitor.omnitagjs.com
1 s.spotim.market visitor.omnitagjs.com
1 bttrack.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 sync.adotmob.com 1 redirects
1 sync.e-volution.ai 1 redirects
1 vid.vidoomy.com visitor.omnitagjs.com
1 api-2-0.spot.im visitor.omnitagjs.com
1 p.ad.gt a.ad.gt
1 e0923b16691b2b855992e1f8c6e4bed1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a.ad.gt id.hadron.ad.gt
1 jadserve.postrelease.com s.ntv.io
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 pixel.quantserve.com www.bleepingcomputer.com
1 rules.quantcount.com secure.quantserve.com
1 secure.cdn.fastclick.net www.bleepingcomputer.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 s.ntv.io a.pub.network
1 secure.quantserve.com a.pub.network
1 vid.connatix.com cd.connatix.com
1 capi.connatix.com cd.connatix.com
1 cdn.hadronid.net www.bleepingcomputer.com
1 btloader.com www.bleepingcomputer.com
1 freestar-io.videoplayerhub.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 m.addthis.com s9.addthis.com
1 v1.addthisedge.com s9.addthis.com
1 z.moatads.com s9.addthis.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 static.adsafeprotected.com functionalfeather.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 widgets.outbrain.com www.bleepingcomputer.com
1 ad.doubleclick.net www.bleepingcomputer.com
1 ecdn.firstimpression.io www.bleepingcomputer.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 cd.connatix.com 1 redirects
1 static.cloudflareinsights.com www.bleepingcomputer.com
1 s9.addthis.com www.bleepingcomputer.com
1 www.gstatic.com www.bleepingcomputer.com
1 www.google.com 1 redirects
1 fonts.googleapis.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
0 cs.admanmedia.com Failed visitor.omnitagjs.com
0 sync.go.sonobi.com Failed www.bleepingcomputer.com
0 api.rlcdn.com Failed a.pub.network
0 tv.springserve.com Failed cd.connatix.com
0 imasdk.googleapis.com Failed cd.connatix.com
0 capi-tier-1-us-east-2.connatix.com Failed cd.connatix.com
443 208

This site contains no links.

Subject Issuer Validity Valid
bleepingcomputer.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-11 -
2023-05-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-16 -
2023-05-16		 a year crt.sh
*.pub.network
E1		 2022-10-31 -
2023-01-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
analysis.fi
Amazon		 2022-11-03 -
2023-12-02		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
functionalfeather.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2022-08-22 -
2023-09-23		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.confiant-integrations.net
E1		 2022-11-24 -
2023-02-22		 3 months crt.sh
*.hadronid.net
GTS CA 1P5		 2022-12-14 -
2023-03-14		 3 months crt.sh
api.floors.dev
GTS CA 1D4		 2022-11-30 -
2023-02-28		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
id.hadron.ad.gt
Amazon RSA 2048 M02		 2022-10-31 -
2023-11-29		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-10-20 -
2023-01-18		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
s2s.t13.io
GTS CA 1D4		 2022-11-23 -
2023-02-21		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2022-09-08 -
2023-10-10		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.postrelease.com
Amazon		 2022-11-27 -
2023-12-25		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.spot.im
Amazon		 2022-10-04 -
2023-11-01		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-11-25 -
2023-02-23		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-12-02 -
2023-03-02		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.yieldmo.com
Amazon		 2022-09-12 -
2023-10-12		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh

This page contains 70 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Frame ID: F7DA511ADAE770CD5D6E48B9872257B0
Requests: 179 HTTP requests in this frame

Frame: https://cds.connatix.com/p/208028/connatix.playspace.js
Frame ID: 9AA5BDC4A10FC062358B25D53957CF23
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 363784437D49192AA6586B2665788BB8
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 5B6F5A3EC316D9AB3D611A586B09E8A5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 714DAA459DF419665A6CD18E9D28F1E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1671048912&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671124871833&bpp=5&bdt=491&idt=346&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&correlator=7035940084554&frm=20&pv=2&ga_vid=1617610065.1671124872&ga_sid=1671124872&ga_hid=592695765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3971&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C31071266%2C44780792&oid=2&pvsid=3598040350531576&tmod=1478953451&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=omKiifHtiI&p=https%3A//www.bleepingcomputer.com&dtd=376
Frame ID: 347EE7A2568F91C4D904D1A49680D1E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1671048912&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671124871851&bpp=2&bdt=508&idt=465&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=7035940084554&frm=20&pv=1&ga_vid=1617610065.1671124872&ga_sid=1671124872&ga_hid=592695765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C31071266%2C44780792&oid=2&pvsid=3598040350531576&tmod=1478953451&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=480
Frame ID: 554DA8681BC7F11BABBC927E57DD4259
Requests: 1 HTTP requests in this frame

Frame: https://e0923b16691b2b855992e1f8c6e4bed1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9AE4BDD594F96F620991B551D2DD4DB
Requests: 1 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=7964311275014384432brt53491671124874305228b3
Frame ID: A46C1E4B12CE683B152B3175CCCD03F9
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Frame ID: 87C3BB5629CEECD4B468B100E10861FB
Requests: 23 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: 6F5DFC678CA53601FFFD528D6CEABCE0
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Frame ID: EC2FD9E601A652E400A57FD7598BFA12
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: C3601771E19A934D80D40001603A9B49
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: A753F02D66035A08355809FE912DD826
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 74CFA723D97A60B9471C6EF82B784DDC
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 88F9856CFFF5D48B7637071E63A173D2
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5tXigAEOaXcXAAF&gdpr=0&gdpr_consent=&_test=Y5tXigAEOaXcXAAF
Frame ID: 070D0441CDCE69D1476B5480A0201C78
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 880EB24027DD65A016FFDBD5C997159D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fe2639b-578b-4400-b314-2ce5b86bc27a&gdpr=0&gdpr_consent=
Frame ID: FE4460B30C5675FBA69C20258DDC4A39
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=BF66B2B7-10A4-4A33-8409-E018E75178B2
Frame ID: D26A84425E803B494A4A396BFDC7BB14
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: 58ACB21185E87354F490ACBA0B7F7257
Requests: 12 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=7964311275014384432
Frame ID: 190D7C749AADEAEB34008A7D41346FEE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: B9A39B29E79187731B252FEDCE33D43B
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=2442628202676436868836
Frame ID: E3368D3AC6E9BABB89994BD712D1B4D1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 5862A42200F0D81E0284B4470CED6FAF
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4McwMJIAENk6WLeRYM8i97tV5HO7XNlNL2V3WITlEhaYAwcfF02Vb6lbQkFBNZPwwkLsZU-TD2HXrJx7sqadU9vJsaQXyzZvG575H0GvtFu9EAETLaevKczU-RHTM_n8EiovIDTpb74-coXfV7s2cxegcVnxi2WDyHgOcPfeBvyRXSK0KWvqETV9qaYGRemYwSCO7ekVvuqfTPkibmyl_90tFpcsjjP6V5xdyqxJIN1sHeVMY_5iUuKbr1vXahESBZUXXVPJMRHaduKG1kYrhvWzIduOljDyBrgeBfB0KdXKiTTA8goO_0PMkEM0YfMFOFFCajGBM2EZgm2QtJXvArK8jli87c4Xs78TKt0-tqVorH4mDm0QfZQ&sai=AMfl-YTioBkssCrdVEjV5KthDw4qmNqlKRxgj8nejRsTCgb-cs07m7vCwHNTWYum3qMBm293phZhZj4CZmR5po2-_u6U-onzngUDQlnQpF8TM8eKZPR_CqEaeEJLwQBCEO-3ew&sig=Cg0ArKJSzDcmc-ZYS2MtEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 50AD19957AAB7C48EBE1A7381B4F75BA
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUJN5H60
Frame ID: FB6380E859A4BA8113F7B6426BE3B712
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2BF829FDC44BB57422AF61CC1E27764C
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: F7991D8A417B38ABB4A2D594EDAA1B9C
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: DA2CC4084595603211FCC70973451B78
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=rkt&refUrl=&vid=11248761733141264741454978000V10&ovsid=979321829986624376
Frame ID: ADDF277873A9EFE497275439901B22BC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Frame ID: 90C93ABBC27C535A41EB01E32C31A175
Requests: 10 HTTP requests in this frame

Frame: https://lg3.media.net/bql.php?vgd_len=6474&&&vgd_l2type=scs_newfl&fp=swwbhrdvmBluHtJwqatH7DbHrEODrqvUWgFs2f9FO-lDEw_HqKli9sl6v-20VJIqxzEUwYGsj8w9e6oCgtvIjpYaZ_a7ua5s1fTVJLcRY6vi_rIipA0ZxjJ_7Nwr5PRxsaQf7Kdol6A%3D&cme=cdf4c2LCbdgeJPO9HvByXoF45e18A-EBAKmync6vLL_LK1ssdVdV4h7vPb8I2wRwrJgfqfbfS26FS74UPaYN6da9E2Qpd8eQjT0oYmoXwJAVukblZGjOhLV0PDzeUe-mB5lZJp88ACd9JP_2YTtcWS6c98-oMJfLdSyxvuon9IR1FmVwdRTnCzqkEF-ESmElgcaUYGY5Z6dr_JbjNDtN-RmhgKIvD8-gYdd3EhaGIV0nF8Y9F2z5WBgOyvBx7Dzrr_TqfpgvpA-L-7E17DBzqblYPy-xSU9UWA_4H73WVFY-D7yZJQxMOw%3D%3D%7C%7Cu8A6SM53vAfaQjZs4_BhVa0vlYcK5wuf%7CC_NcdaVhzolsa5HgEbC9_IQ1Y67RAVgq%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7CEVkNJxBRqoP_J0F3KfbFrCA2YLiukW1jkP-l_HUIAFEPkV_wjKlgX8w-ERobzk58eQes8CXiTYQlrqDEO2uz4lyzmrzQk9q4IfDdyfJz-73ek-KZ-_FFnUvn0SMsKepc%7Cxrl5Md8q4--ak7-wv91iACsyPTYzlqzS3-gZHnz02sSPE7vJLw7fi-lkUtCNE1lX%7CLH1dTwCq5qB6GahnxcsXb8rdzOJhysRckKfsHui6lomn9yX32aatLse_L0xKmeSeDy3amhxCGEMeYOR3K3uKqQOsBaRq34H9BhoelA1McBdhoYPchi79980mXXaiYzbM72brK0AEI1d-WtHZz-8sHCRXDaGLuFffls3Pc80m2CvyyA-zsitZUdlNr04sUUemM4N0MSVngTAkPD3nEJZYJu6aJLLZspgieyW7wU5S8OR3xGd8mMer1clijkz0bz1k%7C&ksu=224&fdkt=453&vgde_kbbh=ffoyxQJuO&kwd[]=Downloads+for+Windows&kwt[]=453&kbc[]=1261624125&kwp[]=1&kid[]=8857422&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D0.39%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D0.39%7C2%3D3.42%7Cps%3D1.350%7C3%3D0.17%7C4%3D4.00&ktd[]=274911592704&ktrkt[]=Downloads+for+Windows&kwd[]=Window+10+Software&kwt[]=453&kbc[]=1261624125&kwp[]=2&kid[]=329806942&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D0.89%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D0.86%7C2%3D3.87%7Cps%3D1.350%7C3%3D0.32%7C4%3D2.52&ktd[]=274894815488&ktrkt[]=Window+10+Software&kwd[]=Buy+Microsoft+Windows+11&kwt[]=453&kbc[]=1261624125&kwp[]=3&kid[]=351068000&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D1.05%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D1.04%7C2%3D4.61%7Cps%3D1.350%7C3%3D0.42%7C4%3D1.47&ktd[]=824650629376&ktrkt[]=Buy+Microsoft+Windows+11&kwd[]=2022+Home+Window+Replacement+Cost&kwt[]=439&kbc[]=1261624125&kwp[]=4&kid[]=350751337&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D1.40%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D0.91%7C2%3D2.39%7Cps%3D1.063%7C3%3D0.87%7C4%3D2.20&ktd[]=282299627340032&ktrkt[]=2022+Home+Window+Replacement+Cost&kwd[]=Upgrade+to+Windows+10&kwt[]=439&kbc[]=1261624125&kwp[]=5&kid[]=324607107&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D0.75%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D0.75%7C2%3D3.92%7Cps%3D1.063%7C3%3D0.10%7C4%3D1.47&ktd[]=281749888303360&ktrkt[]=Upgrade+to+Windows+10&kwd[]=Windows+Operating+System&kwt[]=453&kbc[]=1261624125&kwp[]=6&kid[]=30902075&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D1.16%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D1.15%7C2%3D4.82%7Cps%3D1.350%7C3%3D0.04%7C4%3D1.17&ktd[]=274894815488&ktrkt[]=Windows+Operating+System&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=15040&hint=&cc=CA&wsip=170774658&bca=0&ugd=4&vgde_setid=Nff&cid=8CUJN5H60&vi=1671124875517388533&vsid=3141264741454978&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_implt=3&vgd_cage=0&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUJ8GUQF&vgd_hb_audit_2=664252065&vgd_refdomain=bleepingcomputer.com&vgd_katid=807110681&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3DvDef%7C%7Caghl%3Dna%7C%7Cttd%3D8&vgd_kalog=MI%3D2942%7C%7CSI%3D2940%7C%7CUUID%3D2IakVxlSEhRH9IsuRM%7C%7CCI%3D2942%7C%7CMPTD%3D640%7C%7CTLID%3D6%7C%7CSID%3D8%7C%7CHID%3D0%7C%7CTPTD%3D779107378038276&vgd_pdtid=1&vgd_nrrv=4901&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=montreal&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1671124875104008076&sttm=1671124876055&upk=1671124876.2860&hvsid=00001671124876055025035145494478&verid=3111299&vgd_matchstr=hr%3D0&sbdrId=128&vgd_vsidtv=000V10&vgd_ecrid=S0300080711068100970009099999900&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO44IW71&&abpl=2&&kbbq=%26asn%3D16276&&vgd_vstrid=3141264741454978&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9F~QYYMG8Ov9.9X~e8QMQOvAh9~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ffufuXuu~8xLjMGvuXiif.Af~xLjM7UNv9~Q7OvGjJJE8zyNmYEx7JLMih9-i9MhfW-i9MAf9-X9MQ78NU5~c0v.*NmYEx7JL.*QJNxL875.*~j1Q7v~e8QMxLjMGv9.WH~8Evf6%20xx%2F~kGGv9~e8QMxLjMjvA9~L88Ex1v9%2C9~J7vuH~LNvf%2CWHh~LEQMQOvf9ffufuXu9~e8QMGvi9F.hX~xLjMGv9.9F~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvA.AuWu~xLjMjvf9~yN17vX99XAu~GGvufW~eev9~jfLMGvu999~JLEYv9.9X~ejfLMxLjMUNv949~ejfLMxEMjv9~GYvu~QYYMQOvf9ffufuX9A~Q8OvAGG9F1AAhJ9fiONFfWJuG9ON9iHhiikF~QOv9~x8OvfV1Z8%20Ba2aLpVUGdNi~G7OvWfuf9X9uWHuuffWAFhfAAAFFFXihhWFAihHA9FuihuXfXfXH9HAFiufhfiFiFXX9uf9F9hAWAiAWAWHfAFFuFFuhiWH~UGMQLNvUGG~OfEMjvF9~AENkvuAWh.WH~x8Yv9~eBMYJOv9.hi~OYYMQ7LyvQYYMY8yL178mzM7JQ7~ejfLMxEMGv9~OfEMGv9.iu~myOfEMGv9.iu~exLjMGv9.uu~QQvuF99-uf99~UGMOjvJz~x8Bvou~NJv9~LEQMGvHW.fi~exLjMjvf9~%3DVvfW9h~z7Qvu~UGMxjvzS1~UGMNNUQv9~c0fv.*NmYEx7JL.*QJNxL875.*~7Gvou~N7vYmz7LJ1j~8QDJkv9~8exLjMGvi.H~0sv9~8Q8kv9~jNvu~G8Ov9.9X~UGME7vIm7n0LmNJQQJO~ONvh~ejfLMGvu.ui~8exLjMjvf9~QxEEj5M71yM8OvGjJJE8zyNmYEx7JLMih9-i9MhfW-i9MAf9-X9MQ78NU5~NGOEv9.9X9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov~O7NvJ1Q7MQN~O1jyvQYY~w7Yjvu~QmGEv9.9F~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9F9~1NM75EJvu~875EJM8OvA~QJjjJLM71yM8OvGjJJE8zyNmYEx7JLMih9-i9MhfW-i9MAf9-X9MQ78NU5~N1LL8JLVOv9~QYYM1E8veu~8GNvu~Y-JvyJO~Y-GzvKf~zQlvu~7yQvih9-i9~GQGvX~GQEv9~7Y-vfHf&vgd_optout=0&vgd_bhv_kbb=-1&vgd_cfud=220406&vgd_scsver=373&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001671124876055025035145494478&subBdr=128&bdrid=4&rc=0&rand=1671124876318&acid=da66b40f870344e89216db37aa17d505&matm=1671124876319&requrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&vgd_ren_page_h=1200&vgd_ltimesrc=1&vgd_ltime=477&vgd_rtime=452&vgd_etm=9&vgd_l1hcsd=A35%7C8266&vgd_l1ch=1&vgd_lhl=3181&vgd_pgid=p0194243871t202212151721&vgd_adprefflag=11&vgd_adpref_diff=100&vgd_csip=rtb-common-6c55845b5c-vkmf5.SC&vgd_sbSup=1&vgd_vsidv=10&vgd_nrrs=4901&vgd_cntrdt=SL%7CDIV-rc_bleepingcomputer_970x90_728x90_320x50_sticky%7CDIV&vgd_crefurl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&vgd_eadm=1&vgd_end=1
Frame ID: CE0A16A63F292C0514BEAB902FD6226E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D937EB0434C060716770138DB379F997
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Frame ID: 386CFC91F62E56D2387D1F84EA43BF47
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: 52066053BE4DC1315058CC75BD9C44DA
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Frame ID: C9951DAB3E3F2E9218C7CB717D23F583
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5E9FC037F53C4AA5067D7CD8007A7823
Requests: 7 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: 886F063CA72B03284B10FFC1D631599B
Requests: 6 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: EF843DEAEFF1C95C9BE838FF6C968298
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 982B1DA1D180CE0B55D5E89016430B9C
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 58A476F01025CBFE947352C7F25E7731
Requests: 7 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 94335BCB35D60A21429CCEFD76A30247
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: E24AED9DE1B63DD39CAEEAB3CF497148
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 0E090945A4FD3B5D6627C58387B49727
Requests: 3 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
Frame ID: E8D724FFB409040A3C7C78957ED900C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7964311275014384432&gdpr=0&gdpr_consent=
Frame ID: 0342E925DAAF61EAFD3A79D14CD9E47C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 8771CC126CB0CC026CFB7523C188AFF5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4B0A3A06C8E9871F82E2924BAEFED30F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH
Frame ID: 3D921AD6FF31064F0EC1FD355230706B
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=BF66B2B7-10A4-4A33-8409-E018E75178B2
Frame ID: C659CFC4CD49ED96E64A15F0FB525C21
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent=
Frame ID: A0A76E1BBBE338B7FBCE004837B0AECB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e39fbfc8-7c9c-11ed-906a-20af8fa26946
Frame ID: 599D302FC7AFD6080F44B8C643D1F134
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=b1JTdUEjRwBUzqRKsovRkJU4mbU
Frame ID: 1DF6B46C363DBCCB89C463A370A2A64A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7238038F0BE4B7E5CDD109B501E4558D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K1UoQABr1P5RV25&gdpr=0&gdpr_consent=
Frame ID: F50C29581B0C5BB5D778F5E60AB621C7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720627700828
Frame ID: AD53030F7D65C84A17DD08EB866172B1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Frame ID: 38986C08D80BF7A12503572686268A08
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SMPY43EtM
Frame ID: 3350017A379AB09E2F48BBEAC08B25E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 67D7769A7152ACD034F8F6A465775A9A
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BF66B2B7-10A4-4A33-8409-E018E75178B2
Frame ID: 28292C2F3FD36A87B54041CA7E8EEB94
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244112822114767911
Frame ID: CF0047A19E5455A9F90FD41843399D6D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vnFER7iXAMyEWLklj1ebYw
Frame ID: E0D3D3846DAEC8A148B9FBFF837D1DB1
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: D8193DF07378DD3237F9B1D00CD01E2E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 6C7B4532A75F6F9DD5008C223B5909B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=fd1ea09c-a0e6-4862-8559-e03c0d6660a2
Frame ID: C2AF638FB451984E1E34BD74AC8C5674
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: CEB7D2A50F5F31A5AF2DC248E22FABE0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923&gdpr=0&gdpr_consent=
Frame ID: CE552E4D695536EE8CC31F0565AA8B40
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=pba&refUrl=&vid=11248761733141264741454978000V10&ovsid=BF66B2B7-10A4-4A33-8409-E018E75178B2
Frame ID: FE05D8C18676C16410FBEFEACDE8C8F8
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=BF66B2B7-10A4-4A33-8409-E018E75178B2
Frame ID: 2B8DA412690E751B647246FCAA92BEF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

443
Requests

64 %
HTTPS

22 %
IPv6

136
Domains

208
Subdomains

119
IPs

11
Countries

3595 kB
Transfer

10525 kB
Size

257
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 24
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/208028/connatix.playspace.js
Request Chain 75
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 81
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1671124872339&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&c8=Microsoft%20patches%20Windows%20zero-day%20used%20to%20drop%20ransomware&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1671124872339&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&c8=Microsoft%20patches%20Windows%20zero-day%20used%20to%20drop%20ransomware&c9=
Request Chain 95
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttl=1673716872
Request Chain 96
  • https://id.rlcdn.com/712202.gif?cparams=6db773666cc44d6e9db03090a45b01a9 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCIiv7ZwGEgUI6AcQAEIASiA2ZGI3NzM2NjZjYzQ0ZDZlOWRiMDMwOTBhNDViMDFhOQ
Request Chain 97
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d6db773666cc44d6e9db03090a45b01a9%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d6db773666cc44d6e9db03090a45b01a9%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX_USER_ID&__user_check__=1&sync_id=df9602a9-7c9c-11ed-995f-196b415d0403 HTTP 302
  • https://cks.connatix.com/cks?pid=10&ev=6db773666cc44d6e9db03090a45b01a9&pname=SpotX&api-tier=1&uid=df96025e-7c9c-11ed-995f-196b415d0403
Request Chain 98
  • https://sync.technoratimedia.com/services?srv=cs&source=connatix&uid=6db773666cc44d6e9db03090a45b01a9&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d26%26ev%3d6db773666cc44d6e9db03090a45b01a9%26pname%3dSynacor%26api-tier%3d1%26uid%3D%5BUSER_ID%5D%26direct%3D1 HTTP 307
  • https://cks.connatix.com/cks?pid=26&ev=6db773666cc44d6e9db03090a45b01a9&pname=Synacor&api-tier=1&uid=330DBB44390F43F1AF2E5B58C83F3E4B&direct=1
Request Chain 117
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=scbTU3w0eWZqcTBpQXpibGhVWk9NT1ZKYWlBalVlYTNSUGpXd28yR2gwdzE2M3Fia1FhT1g3MDAwSmZXM3JRc0RuV1dwVGdDNjlWdGkwT1daSEN5azRwVmp4RzdnNWN5RTNmTG1jaGIyY2Y2MGVEcTFQcytIZjhKaENrQzM0OHdLNmRlYlo1SGxENUdaN25SNEZXYytFSnhrL3Rudmd1czVqREdDOXhiQ2plMVNpMzAwU2Z3bklRekI4a0pRZnpqbGJ3MWN5YXplWEhkWDgwMWpLVWdub0pnSENlTWNLWktPdjBCNFNpVVVOUDZNMmpMSjIwanVnL09DQWd4WkZBeTE2azN2fA&cppv=2
Request Chain 144
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=930966de-908b-44db-8bb4-acb19f7301b1
Request Chain 150
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g6b678312c8c42161cb9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 157
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=F0jxhLZH6eZ53b2YQ6iZr4eq
Request Chain 159
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&adnxs_id=7964311275014384432&gdpr=0
Request Chain 160
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001671124874-JANQWHA9-Q40V&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&id=AU1D-0100-001671124874-JANQWHA9-Q40V
Request Chain 161
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001671124874-JANQWHA9-Q40V HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001671124874-JANQWHA9-Q40V HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BF66B2B7-10A4-4A33-8409-E018E75178B2&id=AU1D-0100-001671124874-JANQWHA9-Q40V
Request Chain 162
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001671124874-JANQWHA9-Q40V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001671124874-JANQWHA9-Q40V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2ab77f41-7cd1-441d-b7c6-59ab82a4c385%252Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001671124874-JANQWHA9-Q40V%2526tapad_id%253D2ab77f41-7cd1-441d-b7c6-59ab82a4c385&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttd_puid=2ab77f41-7cd1-441d-b7c6-59ab82a4c385%2Chttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26tapad_id%3D2ab77f41-7cd1-441d-b7c6-59ab82a4c385 HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&tapad_id=2ab77f41-7cd1-441d-b7c6-59ab82a4c385
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001671124874-JANQWHA9-Q40V HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001671124874-JANQWHA9-Q40V&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&google_gid=CAESEJQUe065baF8t1dKTsftxMA&google_cver=1&google_ula=450542624,0
Request Chain 164
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001671124874-JANQWHA9-Q40V HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MTEyNDg3NC1KQU5RV0hBOS1RNDBW
Request Chain 167
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26auid%3DAU1D-0100-001671124874-JANQWHA9-Q40V HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26auid%3DAU1D-0100-001671124874-JANQWHA9-Q40V HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=11ba4ab2-49b8-4e3e-90bb-cffc18f235b1&id=AU1D-0100-001671124874-JANQWHA9-Q40V&auid=AU1D-0100-001671124874-JANQWHA9-Q40V
Request Chain 170
  • https://ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-tqvvwgJE2uGC0FZ8X4mOd3eXYSOdjbkP7cL6._A-~A
Request Chain 176
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3141264741454978000V10
Request Chain 184
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9ZW14X2RpZ2l0YWwmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PSZmPWImdWlkPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=7964311275014384432&redirect=https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9ZW14X2RpZ2l0YWwmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PSZmPWImdWlkPSRFTVhVSUQ= HTTP 302
  • https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=7964311275014384432brt53491671124874305228b3
Request Chain 187
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7964311275014384432&gdpr=0&gdpr_consent=
Request Chain 188
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7964311275014384432&gdpr=0&gdpr_consent=
Request Chain 190
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adyoulike HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=979321829986624376&expires=30&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 191
  • https://creativecdn.com/cm-notify?pi=adyoulike HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=zS9xYaq9SKvFy03JE4a7&name=RTB_HOUSE&pi=adyoulike&tc=1
Request Chain 192
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&name=THE_TRADE_DESK
Request Chain 194
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
Request Chain 195
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Devolution&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=57bff3a4-128a-4db0-899d-6d2cda5ec48e&name=evolution
Request Chain 196
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=d96d5bac-a01a-4766-8710-3d9ae828fe2c%20&gdpr_consent=null&gdpr=0
Request Chain 197
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=hEm9IiKFmxmiwfaXe787&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6QSBJZHEKURGOR2GYPJXGIYCM5LJMQ6WEZDFMY3GEZBZGVRDONBVGBRDIZJWGJQTGMTEMI4GGN3EHBRTSZBGOZUXG2LUN5ZD22CFNU4US2KLIZWXQ3LJO5TGCWDFG44DO&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6QSBJZHEKURGOR2GYPJXGIYCM5LJMQ6WEZDFMY3GEZBZGVRDONBVGBRDIZJWGJQTGMTEMI4GGN3EHBRTSZBGOZUXG2LUN5ZD22CFNU4US2KLIZWXQ3LJO5TGCWDFG44DO HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hEm9IiKFmxmiwfaXe787
Request Chain 198
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=yH6YX6kHP9S5e3yY820t&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6TSBKREVMRK7GFPTEJTUORWD2NZSGATHK2LEHVTDEZBZGEZTMY3GGUZWIZLEMU3WMOBTMJQTCNRRG4YWCMZXMZSGIJTWNFZWS5DPOI6XSSBWLFMDM22IKA4VGNLFGN4VSOBSGB2A&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6TSBKREVMRK7GFPTEJTUORWD2NZSGATHK2LEHVTDEZBZGEZTMY3GGUZWIZLEMU3WMOBTMJQTCNRRG4YWCMZXMZSGIJTWNFZWS5DPOI6XSSBWLFMDM22IKA4VGNLFGN4VSOBSGB2A HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=yH6YX6kHP9S5e3yY820t
Request Chain 199
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=087e2204074fbc2682981cf6&gdpr=0&gdprConsent=
Request Chain 200
  • https://sync.srv.stackadapt.com/sync?nid=33 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-6f525375-4123-4700-54ce-a44ab28bd190$ip$149.56.153.181&name=STACKADAPT
Request Chain 201
  • https://ads.stickyadstv.com/user-matching?id=3538&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=9968dfaf7bb9a2ba4ef7b1b35c491cdc&gdpr_consent=&gdpr=0
Request Chain 203
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=F0jxhLZH6eZ53b2YQ6iZr4eq
Request Chain 204
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX&gdpr=0&gdpr_consent=&crf=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=e3edcfd0-0cbe-535d-ab56-dfc9c8cd8842&name=BETWEENX
Request Chain 205
  • https://sync.search.spotxchange.com/partner?adv_id=8778&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D5a6dfefcb43521ff293762793ad668db%26visitor%3D%24SPOTX_USER_ID%26name%3DSPOTX&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=df96025e-7c9c-11ed-995f-196b415d0403&name=SPOTX
Request Chain 206
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=f8fd8ca0-0476-4fcb-bfba-dcf4e7751703&name=BIDTELLECT
Request Chain 211
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 212
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 219
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&khaos=LBPCLP5R-B-JTJD HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LBPCLP5R-B-JTJD&name=RUBICON
Request Chain 221
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=b0d17272-277e-468d-a259-401b3a43ec6a&gdpr=0&gdpr_consent=
Request Chain 222
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
Request Chain 223
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7725544352171782613&gdpr=0&gdpr_consent=
Request Chain 224
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=X7ml1G9Ozzw9&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 225
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y5tXigAEOaXcXAAF HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5tXigAEOaXcXAAF&gdpr=0&gdpr_consent=&_test=Y5tXigAEOaXcXAAF
Request Chain 226
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 227
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fe2639b-578b-4400-b314-2ce5b86bc27a&gdpr=0&gdpr_consent=
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v2aytxCkSjOECeAY51F4sg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 231
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=BF66B2B7-10A4-4A33-8409-E018E75178B2 HTTP 303
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&_li_chk=true&previous_uuid=c7b5c72a34414960a95a0d94a9bf8957 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F75145%2F0%2F92713a74599c460dae3dc5b1a59ccd0b%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&c7b5c72a-3441-4960-a95a-0d94a9bf8957 HTTP 302
  • https://i.liadm.com/s/e/75145/0/92713a74599c460dae3dc5b1a59ccd0b?mpid=7156&muid=d81e639b-578b-4500-a081-9e458f2ab181
Request Chain 232
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BF66B2B7-10A4-4A33-8409-E018E75178B2 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D2ab77f41-7cd1-441d-b7c6-59ab82a4c385%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7964311275014384432&pt=2ab77f41-7cd1-441d-b7c6-59ab82a4c385%2C
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkY2NkIyQjctMTBBNC00QTMzLTg0MDktRTAxOEU3NTE3OEIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIAndhdRbqszG_NLVWyaATU&google_cver=1
Request Chain 235
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923
Request Chain 236
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4472079285282843908&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 237
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=
Request Chain 239
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1rePhKpE2uVhn1yTAVuGw3CXACzetg0-~A&gdpr=0&gdpr_consent=
Request Chain 240
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNmNDZhY2Y5YWFkZmQ0YTc2MTFlZDRlNzMzZmYyMmEyY2RjZWYwZg
Request Chain 241
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPCLP5R-B-JTJD
Request Chain 242
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQQ0xQNVItQi1KVEpE
Request Chain 243
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/D47uwR0LmluyJvlA8ELI5g?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_FGJpqBE2oL95cu0RYg2RybhvZn.mErtCj388g--~A
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOUEmZVjN61nBDztgjdMWyI&google_cver=1
Request Chain 245
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mDkiw_o8QHqCj7zhNF8qbA&rk=usync-other
Request Chain 246
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CGgK2wJdSVyRrbyd2KdWBQ&rk=usync-na
Request Chain 247
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=&expires=30
Request Chain 249
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=7964311275014384432
Request Chain 251
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=2442628202676436868836
Request Chain 252
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent%3D%24 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent%3D%24 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Ddfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341%26partner_url%3Dhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D309017%2526extuid%253Ddfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341%2526gdpr%253D%25240%2526gdpr_consent%253D%2524 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Ddfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341%26partner_url%3Dhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D309017%2526extuid%253Ddfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341%2526gdpr%253D%25240%2526gdpr_consent%253D%2524&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&partner_url=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3Ddfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341%26gdpr%3D%240%26gdpr_consent%3D%24 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=$0&gdpr_consent=$
Request Chain 253
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1671124875231 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3749987486 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e5c0b27e-ca49-4d83-b03f-9e17e3a38729 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-352cb321-e524-4275-9baa-ab4b8c3755b5-005 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Request Chain 254
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=0124dc18-79ab-422b-a8cc-1bb98ed63838
Request Chain 255
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=d28f18fbdf67107a&name=OPENWEB
Request Chain 261
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4472079285282843908&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5tXigAEOaXcXAAF
Request Chain 264
  • https://match.adsrvr.org/track/cmf/openx?oxid=38fa53d7-c034-71c2-c340-dbac0f8dfab5&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttd_puid=38fa53d7-c034-71c2-c340-dbac0f8dfab5&gdpr=0&gdpr_consent=
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE59UDmSqVLbWaLMhYwlYDg&google_cver=1
Request Chain 288
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=6d3c2cb1-0d73-47a2-9c39-5b5f36169b6d HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0041c8a1bd2c7edcf4174ea768159f66d348563be777e702237a1aafcec16cb3791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwMDQxYzhhMWJkMmM3ZWRjZjQxNzRlYTc2ODE1OWY2NmQzNDg1NjNiZTc3N2U3MDIyMzdhMWFhZmNlYzE2Y2IzNzkxNDI2YjU0MTdkY2UyMRAAGgwIjK_tnAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwMDQxYzhhMWJkMmM3ZWRjZjQxNzRlYTc2ODE1OWY2NmQzNDg1NjNiZTc3N2U3MDIyMzdhMWFhZmNlYzE2Y2IzNzkxNDI2YjU0MTdkY2UyMRAAGgwIjK_tnAYSBAgCEABCAEoA&google_gid=CAESEOtzouxAy_mCUPrya5eZ4qw&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=fa3a5b65-32e4-40e6-8660-546177406ce9
Request Chain 289
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7964311275014384432
Request Chain 296
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 297
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Drkt%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=rkt&refUrl=&vid=11248761733141264741454978000V10&ovsid=979321829986624376
Request Chain 299
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dcon%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=3dd595903e1a08&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dcon%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=con&refUrl=&vid=11248761733141264741454978000V10&ovsid=AAABt360ZG-XRgNgsYoHAAAAAAA&expiration=1671211276&is_secure=true
Request Chain 300
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dopx%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=opx&refUrl=&vid=11248761733141264741454978000V10&ovsid=f0d63a48-6b34-4b22-a00f-a5c2bd626869
Request Chain 301
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dmma%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=mma&refUrl=&vid=11248761733141264741454978000V10&ovsid=d81e639b-578b-4500-a081-9e458f2ab181
Request Chain 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dr1%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005&rndcb=4386996318 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&google_hm=ZTM0ZTdiYTgtNThlNC00YzBiLTk5MjUtY2E2MWZlN2YxZTg5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJe5nh2nkFF0ca44AD1edlA&google_cver=1&ssp=adconductor&bsw_param=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dr1%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DRX-352cb321-e524-4275-9baa-ab4b8c3755b5-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=r1&refUrl=&vid=11248761733141264741454978000V10&ovsid=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzE0MTI2NDc0MTQ1NDk3ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEBI6JAyaOmRo2PMX8j_5mXk&google_cver=1
Request Chain 304
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Ddxu%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Ddxu%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=dxu&refUrl=&vid=11248761733141264741454978000V10&ovsid=K1UoQABr1P5RV25
Request Chain 305
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=cce5e24a-5d13-42f7-8f58-3d699e8e9406
Request Chain 306
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10596829190239181973&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=2ab77f41-7cd1-441d-b7c6-59ab82a4c385&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10596829190239181973&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214970604366011519287&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596829190239181973&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 307
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dzem%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=yH6YX6kHP9S5e3yY820t&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLZJA3FSWBWNNEFAOKTGVSTG6KZHAZDA5BGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTCMRUHA3TMMJXGMZTCNBRGI3DINZUGE2DKNBZG44DAMBQKYYTAJTWONUWIPJTGE2DCMRWGQ3TIMJUGU2DSNZYGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLZJA3FSWBWNNEFAOKTGVSTG6KZHAZDA5BGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTCMRUHA3TMMJXGMZTCNBRGI3DINZUGE2DKNBZG44DAMBQKYYTAJTWONUWIPJTGE2DCMRWGQ3TIMJUGU2DSNZYGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&ovsid=yH6YX6kHP9S5e3yY820t&refUrl=&type=zem&vid=11248761733141264741454978000V10&vsid=3141264741454978000V10
Request Chain 308
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3141264741454978000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3141264741454978000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=70b52a81-f73d-4423-80ab-e4b4c862aaa3&cs=1
Request Chain 310
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
Request Chain 314
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LBPCLP5R-B-JTJD HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBPCLP5R-B-JTJD
Request Chain 317
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 320
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 325
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d81e639b-578b-4500-a081-9e458f2ab181
Request Chain 326
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&bidswitch_ssp_id=sonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=720627579153&expires=30&user_group=1&ssp=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
Request Chain 327
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=92e0ecff80&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&pubid=92e0ecff80
Request Chain 329
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=27746732-924e-4d8c-b5d5-40edebbff484&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:101de48b60829634dbd0d07f76ec7a63
Request Chain 330
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=56zZ62myyOwlNJcb3JTADw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 331
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=d81e639b-578b-4500-a081-9e458f2ab181
Request Chain 332
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=c3893cfe-5f67-4d61-ae6e-4a9508f002a3
Request Chain 333
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
Request Chain 335
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=27746732-924e-4d8c-b5d5-40edebbff484&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:101de48b60829634dbd0d07f76ec7a63
Request Chain 336
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=56zZ62myyOwlNJcb3JTADw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 337
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=d81e639b-578b-4500-a081-9e458f2ab181
Request Chain 338
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=e0578d97-aac0-45d4-b198-18ce905818cf
Request Chain 339
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
Request Chain 340
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&dongle=0cfd
Request Chain 341
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJ-Yd0t2aYEGwQq-XOzomdI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 343
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
Request Chain 344
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2442628202676436868836&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2442628202676436868836&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=115666fb-82fb-42e1-bc66-f6da17969ae6&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=115666fb-82fb-42e1-bc66-f6da17969ae6&_noobservation=1&_expected_cookie=59d246103b611e8385e598b12ecced63
Request Chain 345
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2442628202676436868836&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=70b52a81-f73d-4423-80ab-e4b4c862aaa3&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 346
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2442628202676436868836?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-3kH87L1E2oQosw.2AoS1tVCowVcMtTE1OEQHjOtSNw--~A&dongle=0883
Request Chain 349
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7964311275014384432&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 350
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&dongle=0cfd
Request Chain 351
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJ-Yd0t2aYEGwQq-XOzomdI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 353
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
Request Chain 354
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2442628202676436868836&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2442628202676436868836&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e0840ca-4a03-44f3-ae4e-23857a7127f3&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e0840ca-4a03-44f3-ae4e-23857a7127f3&_noobservation=1&_expected_cookie=c223bdc3182b4bca4ef9bf1b78f79b27
Request Chain 355
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2442628202676436868836&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3De34e7ba8-58e4-4c0b-9925-ca61fe7f1e89%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=60d3b747e3bc44ab8f867eb77ed38cf1&ssp=triplelift&bsw_param=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 356
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2442628202676436868836?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-3kH87L1E2oQosw.2AoS1tVCowVcMtTE1OEQHjOtSNw--~A&dongle=0883
Request Chain 359
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7964311275014384432&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 360
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LBPCLP5R-B-JTJD
Request Chain 362
  • https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1283 HTTP 302
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=7018216432214041642
Request Chain 363
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=70b52a81-f73d-4423-80ab-e4b4c862aaa3&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 364
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g6b678312c8c42161cb9 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
Request Chain 365
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=b79aaf513591a18&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAJP416tApWaQN2rc1NAAAAAAA&expiration=1671211276&is_secure=true
Request Chain 366
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=b1JTdUEjRwBUzqRKsovRkJU4mbU&gdpr=&gdpr_consent=
Request Chain 367
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LBPCLP5R-B-JTJD
Request Chain 368
  • https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1283 HTTP 302
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5629475560403883698
Request Chain 369
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g6b678312c8c42161cb9 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
Request Chain 372
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=b160d375-a634-45ce-ad00-00f165957bf5&expires=3&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 374
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1671124876922.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=d81e639b-578b-4500-a081-9e458f2ab181
Request Chain 375
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW%7EA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 376
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=1333f4f0fed204b0&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJRTyru4_yfgMyJwO5AAAAAAA&expiration=1671211277&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJRTyru4_yfgMyJwO5AAAAAAA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 377
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2442628202676436868836 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2442628202676436868836&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 378
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 379
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 380
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1671124876922.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=d81e639b-578b-4500-a081-9e458f2ab181
Request Chain 381
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW%7EA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 382
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=17aba3867e981a18&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP416tApWcQNV4eygAAAAAAA&expiration=1671211277&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP416tApWcQNV4eygAAAAAAA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 383
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2442628202676436868836 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2442628202676436868836&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 386
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LBPCLP5R-B-JTJD HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LBPCLP5R-B-JTJD HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBPCLP5R-B-JTJD&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 390
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFdl9FN0hOcThBQUNBUUJXMXZRQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEv_E7HNq8AACAQBW1vQA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEv_E7HNq8AACAQBW1vQA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEv_E7HNq8AACAQBW1vQA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
Request Chain 391
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7964311275014384432&gdpr=0&gdpr_consent=
Request Chain 392
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 394
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH
Request Chain 397
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:BF66B2B7-10A4-4A33-8409-E018E75178B2 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=e3006630-7c9c-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:BF66B2B7-10A4-4A33-8409-E018E75178B2
Request Chain 399
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BF66B2B7-10A4-4A33-8409-E018E75178B2&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BF66B2B7-10A4-4A33-8409-E018E75178B2&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 400
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=d9931da61201a18&is_secure=true&networkId=17100&version=1&nuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJP416tApWrwM8Ju9PAAAAAAA&expiration=1671211278&nuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 401
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e0578d97-aac0-45d4-b198-18ce905818cf&gdpr=0&gdpr_consent=
Request Chain 402
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_FAF1B0EA_412DE822&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 404
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e169edb1-0c72-4ee2-b822-3b2af19d8487&ssp=pubmatic&expires=30&user_group=5&bsw_param=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 407
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e39fbfc8-7c9c-11ed-906a-20af8fa26946
Request Chain 408
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=b1JTdUEjRwBUzqRKsovRkJU4mbU
Request Chain 409
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 410
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K1UoQABr1P5RV25&gdpr=0&gdpr_consent=
Request Chain 411
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720627700828
Request Chain 412
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7993971252 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1508/dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341?zcc=0&sspret=1&rndcb=7993971252 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-352cb321-e524-4275-9baa-ab4b8c3755b5-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Request Chain 413
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SMPY43EtM
Request Chain 414
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 415
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=059346aa-93af-44dc-9883-105562a251ce&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BF66B2B7-10A4-4A33-8409-E018E75178B2
Request Chain 416
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7244112822114767911&uid=Q7244112822114767911&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244112822114767911
Request Chain 417
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vnFER7iXAMyEWLklj1ebYw
Request Chain 420
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=fd1ea09c-a0e6-4862-8559-e03c0d6660a2
Request Chain 422
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923&gdpr=0&gdpr_consent=
Request Chain 424
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BF66B2B7-10A4-4A33-8409-E018E75178B2&addseg=10,33,39
Request Chain 425
  • https://pixel.onaudience.com/?partner=214&mapped=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f1d677ad0c1f4ca8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9eb7b67a8b7576f72db92f53163cb5f7&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=3057406e779216d4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=
Request Chain 426
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d81e639b-578b-4500-a081-9e458f2ab181
Request Chain 427
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
Request Chain 428
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5629475560403883698
Request Chain 429
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7964311275014384432
Request Chain 430
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:584c9d3b-abf9-449a-9391-09ef75f8a064&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 433
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BF66B2B7-10A4-4A33-8409-E018E75178B2 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6d3c2cb1-0d73-47a2-9c39-5b5f36169b6d
Request Chain 434
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BF66B2B7-10A4-4A33-8409-E018E75178B2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJwtirinQ_uVr3g5gYVGi7E&google_cver=1
Request Chain 440
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=zS9xYaq9SKvFy03JE4a7&pi=medianet
Request Chain 441
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Damb%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=amb&refUrl=&vid=11248761733141264741454978000V10&ovsid=4472079285282843908

443 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/ 		70 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd64e57fce52f68c1c69e15bc8ab64f865dfeeeae12390ad4877d4363bb14708
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77a0daac2f54183d-EWR
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 17:21:11 GMT
expires
0
last-modified
Wed, 14 Dec 2022 20:15:12 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 16:41:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 17:21:11 GMT
bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
677145
etag
W/"624975547"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeyQoxtsypfA0Nwitxds9Xvikg%2FcQQkLil85dQuQlp4fjpOJiPV6b9O0gQbcIa%2BXR9S85fPIUR%2FG8hFqnmO8ejv1hy4gsU6fOm5lgIAxOqhlLea1vWubefH22RK5xCBe6c8XfZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daae7e2c6348-ORD
expires
Wed, 11 Jan 2023 21:15:25 GMT
main.css
www.bleepstatic.com/css/redesign/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc34f2a06c6aa5d058ccdd2c01fa323aea4fcf3ec1ce882359c8ba882ad2ae6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
266476
cf-polished
origSize=62721
cf-bgj
minify
last-modified
Mon, 12 Dec 2022 15:19:24 GMT
server
cloudflare
etag
W/"548367809"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZ3QTnfCHqdGFWveGcy%2Bv4Ys122uSuWFLGJavZMez0D1k81QaL0N8RXUgbGhLL6NLU2FAxO7IyygqtsNQJ6bdIy2YJ54QDOQgzeMJO1dLXaq6e5%2B9E7pdSjsbTt3LGTCxDcVc1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daae7e2d6348-ORD
expires
Mon, 16 Jan 2023 15:19:55 GMT
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
259648
cf-polished
origSize=15024
cf-bgj
minify
last-modified
Mon, 12 Dec 2022 15:39:49 GMT
server
cloudflare
etag
W/"1269509001"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mF7Brct5M%2BhWVnnrAfPLDvfyUUxfjfiwfq0%2F2MC8GZiIBkzJXVJtPXWouZo90%2BVrTN9ki3ZhKeFD4UMiclUrfOxO%2BmzLS6o4QuSwRbRpchlxcmSzXknMLPso%2BG5%2FCBUKemnmVsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daae7e2e6348-ORD
expires
Mon, 16 Jan 2023 17:13:43 GMT
news.css
www.bleepstatic.com/css/redesign/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c67c45685a8493de342440179ed0b8938b51ad28ba46852babb4b31a20a46f3a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2078493
cf-polished
origSize=33241
cf-bgj
minify
last-modified
Mon, 21 Nov 2022 15:58:56 GMT
server
cloudflare
etag
W/"3838673808"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq8LRRz6Yb%2Bxqc8B7DmMP3E8NIF8vrr%2BxaEcmjcPjUKGlmmEr07fr%2FdUP5si4JtkzjSd1QlVi35qbFqeCGnH6OJviSXtD279u1MmItcvJHIz2JAyCKN6mRVpnBLGr9osa4Ovpqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daae7e306348-ORD
expires
Mon, 26 Dec 2022 15:59:38 GMT
jquery-3.5.1.min.js
www.bleepstatic.com/js/redesign/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 23:02:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3600
etag
W/"1177690299"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma%2F2do9fSpXsMIhZu%2FCuYpdtU6jlFi3oVRqlqlaMr8Gj%2BO1eGB31Q1SeoZQLjowEiwHll8k1KU%2BHcG%2Bnnh1jUtSddfmsHAn0TbgUeFP%2FEGJ82OHxDpxjW7P2WqysDoGO39YPjso%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daae7e316348-ORD
expires
Wed, 23 Nov 2022 22:41:35 GMT
jquery-migrate-1.4.1.min.js
www.bleepstatic.com/js/redesign/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 May 2016 01:26:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3600
etag
W/"2177127834"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQK4XpzIAvfIkM0kDrakGR1mRQWFsa9aE%2FQMkY%2FY%2FeKjRPVhj1bkppgMQv3vLsdfUQROqdO5U9Em08VPPbmoyh%2FdJCpqJPbkvuetVuiv5lSfaU6%2FUGa1HIbIT8pBrqCFZczaHP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daae7e336348-ORD
expires
Mon, 11 Oct 2021 15:01:25 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445
cf-polished
origSize=247
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLQKeQ0wtX73nkh4PZgMPuZMOI0TrxN64eSoxsaHNKJ4mxAkodqBi9X2cV1l%2BKTMQ97BRdLOGO1iTU3Q9ai2pPAurLnpiWrUCcBVB7LWQzg24p9tGIOp70go4A754aRWiwOtVq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daaf5f356348-ORD
expires
Mon, 11 Oct 2021 15:01:25 GMT
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3144
x-guploader-uploadid
ADPycdt2uR7wKukPPZWgCMzEHCHKhOvpUMThpIqDFHHEVA5vqNdtYPuCo2jwdvspztIzz4wZyayj1hq10_uo1ANmSvDZ_Ux5o7m-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 28 Oct 2022 14:36:10 GMT
server
cloudflare
etag
W/"816783146b3907e634d0e822ca759864"
vary
Accept-Encoding
x-goog-hash
crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-generation
1666967770269941
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
2096
cf-ray
77a0daae3b0fca53-YUL
expires
Thu, 15 Dec 2022 18:21:11 GMT
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		168 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf82da64c2debe7b6e5d2a055453421eb8f7804f39c7f065e80135c5615b8b06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1555
x-guploader-uploadid
ADPycdu2XZjrmpFE3j5_D7FZk0CRHJr_fz4vBiZcrz8MyWrg6oE0wwAx26QYkvwDVQfSFwzobgmlL5sD2f0NN_SLMrNGZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 15 Dec 2022 15:34:58 GMT
server
cloudflare
etag
W/"e72bcda5e707749cb7884a2b71f19f40"
vary
Accept-Encoding
x-goog-generation
1671118497990658
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=s7767g==, md5=5yvNpecHdJy3iEorcfGfQA==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
171677
cf-ray
77a0daaf4c95ca53-YUL
expires
Thu, 15 Dec 2022 17:51:11 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
087e211bbbdba9abd7e9ee2c4108e251db57e940036165afe2d78484a9a943b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44590
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 17:21:11 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78273
cf-polished
origFmt=png, origSize=1882
content-disposition
inline; filename="logo.webp"
content-length
1152
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgbKtvX7dQkhj2%2BJqQwFHO6O0sMqO5iuYMWUjdtei91cQONJNR5YCc864NsE9YT%2F5ybvdEOlhABWrFLDX%2BGe1r8qziGkE8Pxc8CJI1KpmglBtXkfC9MRSklsOedYucTkn2lnkKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf5f3d6348-ORD
expires
Fri, 13 Jan 2023 19:36:38 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 05:50:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 16 Dec 2022 05:50:46 GMT

Redirect headers

date
Thu, 15 Dec 2022 16:51:38 GMT
x-content-type-options
nosniff
server
sffe
age
1773
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Thu, 15 Dec 2022 17:21:38 GMT
Windows.jpg
www.bleepstatic.com/content/hl-images/2022/10/26/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2022/10/26/Windows.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0ec4a27964ea98a8600978a39a25666495e4eb3a3b991e14b41d55b7d286b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77761
cf-polished
qual=85, origFmt=jpeg, origSize=300377
content-disposition
inline; filename="Windows.webp"
content-length
113736
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Oct 2022 11:37:08 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lF5aS5caIhU7ee4t0Xm5XfPh%2FYV4cIl59k%2FUD10sImag8l%2B5csHs4Hzd0Of%2BmVIG7OZRv13x%2B1d4LsD9AhpFGFxauOlT3qIxo3JvFKbDmws%2FCGb1rulivtUkBCAtR8OoXufnx%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf5f3e6348-ORD
expires
Fri, 13 Jan 2023 19:45:10 GMT
magniber-chain(1).png
www.bleepstatic.com/images/news/u/1220909/Diagrams/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/news/u/1220909/Diagrams/magniber-chain(1).png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933cc5be181c339052c537dc5123694ee997b964dc04cf92e97f727680075ea0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81691
cf-polished
origFmt=png, origSize=78083
content-disposition
inline; filename="magniber-chain(1).webp"
content-length
40842
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 14:08:16 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk5fRwFkOkOPGu6TZiDl2%2BTPC8d%2F%2BU3i%2Fr1F8%2BvGjmnkB9AcE068GQ6Pa%2FbB%2FC52tPDSYKwK36U0mE0sV7iqWXgf7TnvxIBp57OQPRkksq7MuYJzAwzX7cE3i9KRxyfzOCZIT4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf5f3f6348-ORD
expires
Fri, 13 Jan 2023 18:39:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc8a076fcff4325c0a954f31f99f22ec5282c25b98dffc16365e0fee3c85fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49529
x-xss-protection
0
server
cafe
etag
2226917377197549035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 17:21:11 GMT
twitter.png
www.bleepstatic.com/images/site/login/ 		282 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78273
cf-polished
origFmt=png, origSize=475
content-disposition
inline; filename="twitter.webp"
content-length
282
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4N8hB0NorUayD%2F6xA6bsKOiFuAtvRwb9GyH3vXNfETrBamEq1Vcj3jGYm2D99pzRM%2Fe6pwDcpm8p%2Bnvacj4zMyeLwkpYkiQIDcLb%2BI2WZtimE%2BNZjDOxXhr6qqpfOai1%2FFaImws%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf5f406348-ORD
expires
Fri, 13 Jan 2023 19:36:38 GMT
bootstrap.js
www.bleepstatic.com/js/redesign/bootstrap/js/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
677144
cf-polished
origSize=75484
cf-bgj
minify
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"984724076"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NHR8Pq6LsBrSfz7q71z0i4ZivMcs7mbE6kvbL8kYM274HedbbvVuN2%2FJyGT7whmsbuZ70vpKhC7UBBGjGiAmrF8BUD7HgitutV5ikFmneuG2VoamflQIG9YNEDyX2eMDXdMUw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daaf5f416348-ORD
expires
Wed, 11 Jan 2023 21:15:27 GMT
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
677144
etag
W/"753357888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDnpnxUVBBZNIPCUKn0kJEAR9FeQfuDwrf0SvZgKtOY9%2F7UiTJWfOfnvfklXSMpxajMizG4dchUvHBlNNgTyg6%2BNfB2rJbv9YAOxuylGm%2B5rd2LqdavQP5XYobxiW9%2FfOebCWC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daaf0ed26348-ORD
expires
Wed, 11 Jan 2023 21:15:26 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
677144
cf-polished
origSize=3600
cf-bgj
minify
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adgJbbSq32Wx0CRAaj8HZCZ3lTNOdlVgzsEd9cS2TQD89OC57ELvJ8K7HCNsLRpc2%2FH%2Bq9Kwphplmt9UvzziYNNpZ51kQ1gYHNBSn1mMp%2FOO8FLcVtXHamtq02vbFQlQgQrbUAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daaf5f426348-ORD
expires
Wed, 11 Jan 2023 21:15:27 GMT
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
562
cf-polished
origSize=48706
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FXK1ga%2Fk2euSW0%2F0LsP4v%2BX6AEhx%2BWQ0mdtAs6L01lIY0tSca%2Fh6ssAFBEmIz4xBImpeDaxtNH3MDJpScQNIeKMJezyQttsv7dvPqrmyhgrBRBE9wmbTonkqj9Gyragp%2BNKRhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daaf5f446348-ORD
expires
Sun, 20 Nov 2022 14:01:39 GMT
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3600
etag
W/"1740214911"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JahQhxyulTarLjwblqnon7hyBmHUU%2B4fWtPR0mtQG6p3waz2oRGDC%2BFQBmXK%2FPjuRXv%2B1Tfvkc5zT0cQIgtTf82IejGF%2BemN1WM2uqHCjqB1kPMFX3i4Jkaxgqxtidcr3w%2B1%2BYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daaf1eee6348-ORD
expires
Tue, 26 Jul 2022 07:12:34 GMT
addthis_widget.js
s9.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.120 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-120.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 15 Dec 2022 17:21:11 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s9.addthis.com
content-length
116423
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
77a0daaf7e49713c-YUL
connatix.playspace.js
cds.connatix.com/p/208028/ Frame 9AA5
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/208028/connatix.playspace.js
1003 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/208028/connatix.playspace.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76d10326e74fe1c5757a2a8e3e255448616d70680d5e85455a5478f9861bcbab

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
last-modified
Thu, 15 Dec 2022 16:14:35 GMT
age
2010
etag
"cdd774e19693c742ccd941b400ec84e0"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
233068

Redirect headers

location
https://cds.connatix.com/p/208028/connatix.playspace.js
date
Thu, 15 Dec 2022 17:21:11 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-41.ewr52.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:16:29 GMT
content-encoding
br
via
1.1 b7ddb18a56b4bad68ca78b085e9ca450.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
EWR52-C2
age
282
etag
W/"61b8b8ab-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
gtJUsjOF9XRNg4LySQlOZ1iONp5VPlV310-R5W3F5USLHyEscli6ng==
expires
Thu, 15 Dec 2022 18:16:29 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-120.ewr53.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
df7bbc4a209a098e769cb5b8c5812002e83d62863947b0bbcb76c4133095dfe7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:32:48 GMT
content-encoding
br
via
1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 16:32:48 UTC
server
nginx/1.20.0
x-amz-cf-pop
EWR53-P1
age
2903
x-powered-by
PHP/8.0.14
etag
W/"392e5c5f5a01809618cbc8cc26224af9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
DPwf0d4MDry6JX9Zyn98P4wdxzAdpwP77IayZ2eXOcVVZSQPH5oWSg==
x-xss-protection
0
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
login_bg.png
www.bleepstatic.com/images/site/ 		126 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78273
cf-polished
origFmt=png, origSize=187
content-disposition
inline; filename="login_bg.webp"
content-length
126
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onOkWroEc7MIOrGjtmXeYmqyknAootIFjtDzI8L90kvlzl%2FO3PBxYbFGWf%2FsUqhuLT%2FvR04IjdNqtfrD%2FDdkmpB9peG2IbgoE17BYGJc3cRhMs4Iv%2F3bqz%2B5kuD9H2Nz25kZjuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf5f466348-ORD
expires
Fri, 13 Jan 2023 19:36:38 GMT
nav_bg.png
www.bleepstatic.com/images/site/ 		72 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78243
cf-polished
origFmt=png, origSize=83
content-disposition
inline; filename="nav_bg.webp"
content-length
72
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z2dlHU9DyK%2BAesFGXmoPYRCpVN8KKkIyNzjMzZT8c12X0UKv6eUyfzIcGVTiczMfVEHYKF4cBLGLXqvmXWcd%2BED6TDMmoJlftBRxhi%2B9xAnMOcY0CJCqIGU%2BHZuWcYrKtUZQC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf5f496348-ORD
expires
Fri, 13 Jan 2023 19:37:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 13:22:36 GMT
x-content-type-options
nosniff
age
14315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 13:22:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:31:34 GMT
x-content-type-options
nosniff
age
67777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:31:34 GMT
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78267
cf-polished
origFmt=png, origSize=824
content-disposition
inline; filename="20x20-printer.webp"
content-length
422
cf-bgj
imgq:85,h2pri
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0zOupu4e1YRNJZQER0j8o%2FMwS99sf7YN1XwGv9oKihRhSG8RvDdMoubDN%2B1sGQlzOJMCmWsGnmD%2BlVfNZxxJaVycEyrLMGoBbz0HkxtEQuHp5AQtobV6CTooYJwjE92reEDNgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf7f766348-ORD
expires
Fri, 13 Jan 2023 19:36:44 GMT
calendar.png
www.bleepstatic.com/images/site/ 		86 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78243
cf-polished
origFmt=png, origSize=129
content-disposition
inline; filename="calendar.webp"
content-length
86
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUSOWiV58ZHMAOxtJl37oPtfnl8j5td996rl2EUpJaCspHJFTd2AAEjT6PFBOBs%2FM2bSbFOF0XhXgNhCvo8Plg9wKLPsUsyhtCxGg2WCFvPM7rOHAyvVSolAMPXxnRk9LMzXUGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf7f786348-ORD
expires
Fri, 13 Jan 2023 19:37:08 GMT
clock.png
www.bleepstatic.com/images/site/ 		252 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78267
cf-polished
origFmt=png, origSize=1316
content-disposition
inline; filename="clock.webp"
content-length
252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGC7ZKnpafYhTdWAuZ7nuNIPjZh%2Fb%2FUovZRd479kEbYBe0OOMkw4OD2F87B%2Foj9JzbZl9wEpETqay1DEZQeJoXw2s12MD29JoZEa%2FGgKUskyD0Owu32mazMnTE4wj%2FSj2cXUfNo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf7f796348-ORD
expires
Fri, 13 Jan 2023 19:36:44 GMT
comment-light.png
www.bleepstatic.com/images/site/ 		94 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82544
cf-polished
origFmt=png, origSize=1034
content-disposition
inline; filename="comment-light.webp"
content-length
94
cf-bgj
imgq:85,h2pri
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUGFCDqLHcOsM%2Btuzu0VdXFFC25CMTHymskrm1wZR9w5ybUaJAfUiOVfvXShMWXCXvX9TD7uCFKDO2v8vdYYm%2BF22IgLlpDnYo30Xyd1If9kh0C5u3FxRieurFzMVggqBXRLYfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf8f836348-ORD
expires
Fri, 13 Jan 2023 18:25:27 GMT
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78243
cf-polished
origFmt=png, origSize=618
content-disposition
inline; filename="32x32-printer.webp"
content-length
256
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xjg0EAGQywfnjJjmY1flRPoou%2B6YB8ajGSHblyXGmoEwMBf9Yzu%2BBvDRgv2DHXvqZfcNXG7uZVD2I4Q8TVV0B2KhDuMZzdE6DEfEoOvSYEZqX80xsc1bPFpRnUmsKwrhQBtRAZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf8f856348-ORD
expires
Fri, 13 Jan 2023 19:37:08 GMT
71f54ec34151fbdfe89e478d7b6e5ddf.jpg
www.bleepstatic.com/author/photos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/71f54ec34151fbdfe89e478d7b6e5ddf.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99887c8a3e382dd055b9504a2141c52fd90fa929ebf16f39ba8526a2c7110362

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4201
cf-polished
degrade=85, origSize=6170, status=webp_bigger
content-length
5955
cf-bgj
imgq:85,h2pri
last-modified
Wed, 02 Jan 2019 02:04:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnRW6IgSrmn84NtUZJ8uhlRsf4P7saSsPNjBTNaFqUXsKrrqA%2FBq2HlfAUrteYZ5M59UIimlJHcokvC26nrAgJkMie0yhg7gAIPbNNTvY1THuVxAknLubBt3HrZaseyvpZUl%2FAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf8f876348-ORD
expires
Thu, 21 Jul 2022 07:13:26 GMT
h4-bg.png
www.bleepstatic.com/images/site/ 		38 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=12.12.22.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78267
cf-polished
origFmt=png, origSize=72
content-disposition
inline; filename="h4-bg.webp"
content-length
38
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsDufmBuuEPq0oB5JGYcdOdAuLN8K889%2FHkz8fnNoLiLWTTfINsGw7eaL%2FGe2jxzQBKVtGxB3EtBL2NEf8nE%2FvAzOEQYIqjMf7%2FoMbbQw9efdvmSfqlJGFTjM%2BF57AE4Qzh4Rns%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0daaf8f896348-ORD
expires
Fri, 13 Jan 2023 19:36:44 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:33:19 GMT
x-content-type-options
nosniff
age
78472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:33:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:31:33 GMT
x-content-type-options
nosniff
age
56978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 01:31:33 GMT
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586
cf-polished
origSize=4895
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrE%2FTVI9MndbcW9nA0Zg7UEFtw57zeEP3jveHAUkw8ruRVeBqNOZdH6wqVyaRaZOF%2BX0X705uu7FDsHTQIvhs6SE1EuReiSTyFwWCFOhQ4gio5uUpc%2B1r0nctOHZ7%2FMvhZw1DHk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daafcfe06348-ORD
expires
Wed, 23 Nov 2022 22:41:36 GMT
fontawesome.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		79 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/fontawesome.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:35:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2653985
etag
W/"2038534161"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgFGLsGxh8NivX5e9rLSvlTLYEl93vj8svvGX05yPL9SXGrztorNWxeilR%2FD%2BgvNn0V0QVESsmIfVgS7uvWegSQqukwipVWSCgzgYuJFlOyca1HOAKz5BCveupVmmwUaSNKKApo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daafcfe26348-ORD
expires
Tue, 20 Dec 2022 00:08:06 GMT
brands.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:34:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2653985
etag
W/"2013745295"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UckPbogdOVNXO9YWUGqG%2FufD937AunPxfKJPaAGOaIiI7eIKmygcISGPzECPQz997obLnuBKpRy6LI3ZzDQAxVQ3r4mjPfBHJqCPGFg%2BEvyAeH0uORA4Mh%2F14If0NRP9BeqCjcs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daafcfe46348-ORD
expires
Tue, 20 Dec 2022 00:08:06 GMT
solid.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		572 B
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:34:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2653985
etag
W/"508050520"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIHAJuEqDPz7TxVpCQ%2BQ6GP8Fey%2BfvdVgCa09TsnDX098OCrzSxtcGDyygMXIW5HQ83Ptzv4pKlvRKV7LJJujwb2VZdundMLRJe6lreeN31Xa4cFv047kG%2FVY3wzV4K%2BOqRKhx4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
77a0daafcfe56348-ORD
expires
Tue, 20 Dec 2022 00:08:06 GMT
v2tupdPC-7Fco-VIBVhP30JpJ6cZ2ZHpJFTa1tQe69wZpFD7n4_TZYBRFsw
functionalfeather.com/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/v2tupdPC-7Fco-VIBVhP30JpJ6cZ2ZHpJFTa1tQe69wZpFD7n4_TZYBRFsw
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
cdf915e05e99a86da2a4615ed3956ee1d89c8bc56fde9e662a207bf1eb677259
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 15 Dec 2022 17:21:11 GMT
x-datacenter
gce-us-east1
etag
"c241735f2295c00a06d9b828dad4d4e7e7b8e19125bb1ee1d8a9fead21c9eb5d"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-jfx4
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
init
d.pub.network/v2/ 		73 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=535&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
b1fd298b2eb7209d9fe5ecf8d48438d8605600cdb4f4d9c25e3873617b54f036

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fa-solid-900.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-solid-900.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

Referer
https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5625
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69fzqEgx7bi4y9%2FytlJ4gxK0dOPyR8NIAPx6rdOgcKGw%2B%2BH6GGATIEorq6R%2BBVNjrNPoWtW9bXyfCtP9MF7nKT%2BsRHFnaGf2dVlrg8iq6FEdNzekOYboMgU%2BudrN2D1r2TFVi90%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
77a0dab0ea0b6314-ORD
content-length
150472
fa-brands-400.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 		105 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-brands-400.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

Referer
https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5625
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ncws4CXiruai6BNbIHSsPou%2FGRR7Nr7Qeh1ajl3%2B42nSnQID3nifCuK6Q3GHYk3ps32HQSkX1PSsswdLcIBQczRJh6rCtnP8kLrXrtAu7dvtNUk4yc9jBkzc6fLGy9nGG6AFtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
77a0dab0ea0e6314-ORD
content-length
107460
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Dec 2022 14:28:07 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.213.65 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-213-65.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 14 Jan 2023 17:21:11 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
441a8af0cb66ff9948787c5ea62b541e17183cd674c0dfed4bed8e40ebaa0aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119785
x-xss-protection
0
server
cafe
etag
8998756681484829292
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 17:21:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 3637 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
44598
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 04:57:53 GMT
etag
10353107486223812946
expires
Thu, 29 Dec 2022 04:57:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
292x176_patch-tuesday-header.jpg
www.bleepstatic.com/content/hl-images/2022/12/13/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2022/12/13/thumb/292x176_patch-tuesday-header.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c61f67b1b1399af6d07e49e904a0e5ed88698441a36e5aaae5d35deb90b35e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44100
cf-polished
qual=85, origFmt=jpeg, origSize=23401
content-disposition
inline; filename="292x176_patch-tuesday-header.webp"
content-length
2460
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Dec 2022 22:16:19 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7TFAfaGCboG31AsxnDuw2GkvLjkNxiD5pgUDQx8pQxJ48tVYrLk1KRxSPncVTaB9xZ%2ForZM6W2NavIe%2FMvbAGDjFridulEqffXMma%2BOlCfOR6GjaVnisIlM1oW7imF2aqaN3WA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0dab139b86348-ORD
expires
Sat, 14 Jan 2023 05:06:11 GMT
292x176_microsoft-fire.jpg
www.bleepstatic.com/content/hl-images/2021/03/18/thumb/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2021/03/18/thumb/292x176_microsoft-fire.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db797cb4944a3af0072b8d6bd634bcb0f7f25b874cf649da80a9e32da96e1646

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39801
cf-polished
qual=85, origFmt=jpeg, origSize=34472
content-disposition
inline; filename="292x176_microsoft-fire.webp"
content-length
5864
cf-bgj
imgq:85,h2pri
last-modified
Thu, 18 Mar 2021 19:12:43 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKL8UeCmZs%2BZLFis0kxhwNFkG8b4UoTR3wr9bdDrMJ2GHY5uZZBahfXdDvY2Cki7nqsEJNk5rR1MZjtWcgbpYGIKKqtJbAmh76a6VB9CgKtf%2Fpdv1vm8hZcykcA%2B6NtpTD81RD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77a0dab139bd6348-ORD
expires
Sat, 14 Jan 2023 06:17:49 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:37:54 GMT
content-encoding
gzip
via
1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
49397
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
2LIdH31u7I46YTIEzpw8JVPgDksSEWqfLAbzS4iDVPG9rjLoCoMK_g==
pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
a.pub.network/core/pubfig/ 		448 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad74c012ba5765e5a3b294f62dfb8521b8af03a23cd21aa26025e5a8da270bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3136
x-guploader-uploadid
ADPycdsQafkuj_F_6udlj7eL3v6G5gLuI7dcQuK6dn29Etfj_XPYiczAkZSzpXSZYtUkGLYMFDuzAHkJG3oEPoVe0yyNCV9qBZE4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 12 Dec 2022 18:39:36 GMT
server
cloudflare
etag
W/"cdd7c1a0d8949ba05edacb2a2d3a6a02"
vary
Accept-Encoding
x-goog-generation
1670870376289820
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=Y+aANg==, md5=zdfBoNiUm6Be2ssqLTpqAg==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
458920
access-control-allow-origin
*
cf-ray
77a0dab13f0aca53-YUL
expires
Thu, 15 Dec 2022 18:21:11 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79b20186a9a48fff67e6e89546f6aa7628b28eaeb5e0485a25c13e8b46f90d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78194
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 17:21:11 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 15:46:25 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5686
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 17:46:25 GMT
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: functionalfeather.com
URL: https://functionalfeather.com/v2tupdPC-7Fco-VIBVhP30JpJ6cZ2ZHpJFTa1tQe69wZpFD7n4_TZYBRFsw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 10:06:40 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7888472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
7DwcR3kk-gbroIkpKP5uAjdV79inu43K-4nX3d8V5QkkFaRligKJ7Q==
spc_fi.php
cdn.firstimpression.io/delivery/ 		39 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&charset=UTF-8&ch=17&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=78446262
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-120.ewr53.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
078813a74f777fa49548ab0e2e8acb1c918aa1d0124c2c243ee547aac6a7e2d8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
gzip
via
1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
8T0ewJo0eFLNsauydodfw_sQ8Ux60GO8CX3Ss8jv3LmimWj2vxW37A==
expires
0
hls.ab55e91cf2e7990a858b.js
cds.connatix.com/p/208028/ Frame 9AA5 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/208028/hls.ab55e91cf2e7990a858b.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
last-modified
Thu, 15 Dec 2022 16:14:35 GMT
age
2009
etag
"868fda65cc88cffe4409447cc5b10b11"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48357
connatix.playspace.css
cds.connatix.com/p/208028/ 		109 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/208028/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
efca004102a9455aca7d8879f0f2bd579ffe253bda0ea442a9707967662fb2f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:11 GMT
content-encoding
br
last-modified
Thu, 15 Dec 2022 16:14:34 GMT
age
2011
etag
"154d0b93af0796a17cfacee1540b4a28"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
14963
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.54.69.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
23B28664DCEA9EF7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50271
accept-ranges
bytes
content-length
948
x-amz-id-2
AySDnc4uRjW9Th6WvSZfrFG03ojfW1Xc9SiULhzo6VNG69N0xYQoufNtgaRAnzXIDkZKs4hiwts=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.120 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
etag
-1659864586--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=23, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
678
300lo.json
m.addthis.com/live/red_lojson/ 		101 B
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=639b5788665b08d2&bkl=0&bl=1&pdt=346&sid=639b5788665b08d2&pub=ra-561517d2c7f964d6&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bleepingcomputer.com&fp=news%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=computers%2Cwindows%2Clinux%2Cmac%2Csupport%2Ctech%20support%2Cspyware%2Cmalware%2Cvirus%2Csecurity%2CBypass%2CMalware%2CQbot%2CRansomware%2CSmartScreen%2CWindows%2CWindows%2010%2CWindows%2011%2CZero-Day%2Cvirus%20removal%2Cmalware%20removal&colc=1671124872032&jsl=1&uvs=639b578877b20dc5000&skipb=1&callback=addthis.cbs.jsonp__71765525059786640
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.120 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1fa04bb2247cd798fb0e1bc27bcf44155b4a7d5511b2ba33edd3eca0cc1c5001

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:12 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
101
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 5B6F 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 714D 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.120 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-120.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Thu, 15 Dec 2022 17:21:12 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=2oebu0&_p=592695765&cid=1617610065.1671124872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671124872&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&dt=Microsoft%20patches%20Windows%20zero-day%20used%20to%20drop%20ransomware&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		407 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bleepingcomputer.com&callback=_gfp_s_&client=ca-pub-0920899300397823&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54f5c1a1d9f6cc9b85479d94f6e4ebc99e3e8c7868199c62b832eb5783083e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
259
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 347E 		0
0
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		162 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da4126b303290ef34a4a638516194afa042c66b98eb396db790e807975e517e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 16:05:56 GMT
server
cloudflare
x-amz-request-id
WPV1CACZ9NHR1PHD
age
441
etag
W/"5614ed32a0c91398c1f6f7c081f9f43d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77a0dab3ce46713c-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
UB0pyTVpTU5TfQ1jqx3/ahcV+6Wv0IgAZZhzYUZWlG/Y+BDwSLbaluEVKAmIXXslmHD8I/hzMKw=
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ce1b8b6bc9ae8900b96861eb134e6b4db73075cff0e8e3a230327d75cdbe18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27539
x-xss-protection
0
server
sffe
etag
"1422 / 880 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 17:21:12 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
888 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74bacc9c3131881bd72a404f24a7370fe30f787a456ad7b47054bf71328335f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 16:59:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1294
etag
W/"be63bbdfe03723f83d27aaf1fa6b1e73"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bd2qMN7X2%2BZXuF26LVUeoXr4k3yMGOHD2lEknv4lBQMSDsk92Nihdsr7uDs1RLIhw4717yFOmgAEbR6gmrYSATnYn2lh3JhkvAcyiULyup74sAyprBUnI4zRN6oPPjajDeYvqJrZ8D%2FWIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
77a0dab53c906387-ORD

Redirect headers

date
Thu, 15 Dec 2022 17:21:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rs2R1xz%2BJpugcC%2Fsdie6bNHljzUcdkT6thpVZL69U2YYMJCtPP5VC2RAg5HjJftrC4zYnPZnYJceqAUtAK9W%2B%2FiiHmF1xyhmXiJNF9hJ9bwBJG9V6ceJchZtxCGev7H1DwOEoonwf1Gah7eJf6flHq5RZNwUWwy10gScYg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
77a0dab42dfa6321-ORD
expires
Thu, 15 Dec 2022 18:21:12 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&ref=&_it=freestar&partner_id=474
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FNK044PCM9Y7VVCR
age
7064
x-amz-id-2
AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGzewhlNm5l6TL8b352GQ3QBscygCd23TFrskmRlDpAJ27tOXHMSfzDB1kR%2FS99%2FxuhntpSMoZbRJPmSrVTVfNWPAkuXJR0kg3I1lpQQ7R3WGdfXT88uzAj3nJwUCW7IhoL%2BiArYVRLvnF8cvEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
77a0dab42e0d62e8-ORD
prebid-analytics-7.19.8.js
a.pub.network/core/ 		547 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.19.8.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94659d833506ce389c63600cfca80aa079eb4fca4c67736dfbeec87dfe6885fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3137
x-guploader-uploadid
ADPycdtu99NW49t8HKbf088-UT9MiktSpczMfKMHWbSoUeigguxdhDpGL_ljIfvqTN27Um01J52rGl7awhpgl5cn200qjQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Fri, 02 Dec 2022 16:03:29 GMT
server
cloudflare
etag
W/"51ace935aa2aa7ac94ab810fd2e22d1d"
vary
Accept-Encoding
x-goog-generation
1669997008969213
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=6w1rdg==, md5=UazpNaoqp6yUq4EP0uItHQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31532855
x-goog-stored-content-length
560022
cf-ray
77a0dab3ba44ca53-YUL
expires
Fri, 15 Dec 2023 16:28:47 GMT
story
capi.connatix.com/core/ Frame 9AA5 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=208028
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd7d5c2f2a75db260167c9d87cf8940899c207863c7049aca86abe5e3554c9fa

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3605
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 554D 		0
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1671124872339&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1671124872339&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1671124872339&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&c8=Microsoft%20patches%20Windows%20zero-day%20used%20to%20drop%20ransomware&c9=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
via
1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
vz6TFGdCru0p5abPb_vG7N2OiLcEdlxqudFg91y9dC-TvX-iveFrYA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1671124872339&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&c8=Microsoft%20patches%20Windows%20zero-day%20used%20to%20drop%20ransomware&c9=
date
Thu, 15 Dec 2022 17:21:12 GMT
via
1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
content-length
0
x-amz-cf-id
sSrbNXDyv_xbbuNmq7UlvqpxOprXAUYV5IM4alzlqqHLB6gAWPBrgw==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=592695765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&ul=en-us&de=UTF-8&dt=Microsoft%20patches%20Windows%20zero-day%20used%20to%20drop%20ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=891310290&gjid=1211337137&cid=1617610065.1671124872&tid=UA-91740-1&_gid=735333069.1671124872&_r=1&gtm=2oubu0&z=1232226510
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
insights.bin
ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/296ae128-0ee0-40ca-bce0-64d05202459b/ Frame 9AA5 		252 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/296ae128-0ee0-40ca-bce0-64d05202459b/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5442890d0ce895f47a9e586aebb777c54a89373714cc805d714d57992999c200

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 15:06:40 GMT
age
7969
etag
"e080ac8a17849d6933c7ef3292a24dc2"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
174
insights.bin
ins.connatix.com/a1497310bec01e145ed574d4ba220062/ Frame 9AA5 		504 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/a1497310bec01e145ed574d4ba220062/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07bb21aa34177a5c4d3b1c8a06943e52ca295124455b107cd7401224d6e2531c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 20:39:41 GMT
age
73397
etag
"32a56d1b7b5fe255bce9471ca5bef11d"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-max-age
86400
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
306
v2bsxzWm0fdLfB--aepw0jlzyqlU4h20s-p20VB61u2Zh-MrskO29T9FqBjctG_yx60P12otbx1w
functionalfeather.com/ 		183 B
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/v2bsxzWm0fdLfB--aepw0jlzyqlU4h20s-p20VB61u2Zh-MrskO29T9FqBjctG_yx60P12otbx1w
Requested by
Host: functionalfeather.com
URL: https://functionalfeather.com/v2tupdPC-7Fco-VIBVhP30JpJ6cZ2ZHpJFTa1tQe69wZpFD7n4_TZYBRFsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f1d7066cf9330a1d1a31fc729644ef86718a7421179a4fa556fefc92f7528325
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 15 Dec 2022 17:21:12 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-hostname
fen-hoothoot-us-east1-jfx4
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 15 Dec 2022 17:21:11 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.120 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-120.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 15 Dec 2022 17:21:12 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77645
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 21:15:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		237 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bleepingcomputer.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45eb532e14893017919a19c9487a11c5f81d678f63a4868c52e2197158d4803f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Thu, 15 Dec 2022 17:21:12 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212121148/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 16:50:50 GMT
server
cloudflare
x-amz-request-id
YBE1KDX6CAMYTCYW
age
253568
etag
W/"a295e934190c6de7fe47fed7fbac382f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77a0dab51c5b4bd7-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
lBX2BMWjlzR9CPmp8by1S2ZdUWWgLVINLr9AmqdAXYW/E1E0l/vnkoKjlb1m4vh59bH6dP7SR7E=
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 9AA5 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b66a32676b8b10767dde5b07ed820cb68a52986deb67dba5225b335b4388177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27663
x-xss-protection
0
server
sffe
etag
"1422 / 377 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 17:21:12 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9AA5 		0
0
296ae128-0ee0-40ca-bce0-64d05202459b.bin
vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 9AA5 		2 KB
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/296ae128-0ee0-40ca-bce0-64d05202459b.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9b993f3863c63755241643998894a5f036b57c6777ead3ec28a4410ca81072f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 15:06:14 GMT
age
7967
etag
"897b19efc9e0aeb7c1eaa02fec6b6e8b"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
812
1.png
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/067e5169-ece3-4ce8-87ad-c7961b8bb396/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/067e5169-ece3-4ce8-87ad-c7961b8bb396/1.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
age
1860094
etag
"hFXyLna+DTJNsEAHl9VofT9XA3gUCQ1YPkvAuddeFoA"
access-control-max-age
86400
content-type
image/png
fastly-io-info
ifsz=11996 idim=794x206 ifmt=png ofsz=9784 odim=794x206 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
9610
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://cks.connatix.com/cks?pid=19&uid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttl=1673716872
146 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttl=1673716872
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1266b5c3e0e32cc696d690b70d08fe59c0fbdaa3fafa141f0c71218cb574960d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cks.connatix.com/cks?pid=19&uid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttl=1673716872
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
213
1000.gif
id.rlcdn.com/
Redirect Chain
  • https://id.rlcdn.com/712202.gif?cparams=6db773666cc44d6e9db03090a45b01a9
  • https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCIiv7ZwGEgUI6AcQAEIASiA2ZGI3NzM2NjZjYzQ0ZDZlOWRiMDMwOTBhNDViMDFhOQ
42 B
60 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCIiv7ZwGEgUI6AcQAEIASiA2ZGI3NzM2NjZjYzQ0ZDZlOWRiMDMwOTBhNDViMDFhOQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 15 Dec 2022 17:21:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCIiv7ZwGEgUI6AcQAEIASiA2ZGI3NzM2NjZjYzQ0ZDZlOWRiMDMwOTBhNDViMDFhOQ
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d6db773666cc44d6e9db03090a45b01a9%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX...
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d6db773666cc44d6e9db03090a45b01a9%26pname%3dSpotX%26api-tier%3d1%26uid%3d%24SPOTX...
  • https://cks.connatix.com/cks?pid=10&ev=6db773666cc44d6e9db03090a45b01a9&pname=SpotX&api-tier=1&uid=df96025e-7c9c-11ed-995f-196b415d0403
146 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=10&ev=6db773666cc44d6e9db03090a45b01a9&pname=SpotX&api-tier=1&uid=df96025e-7c9c-11ed-995f-196b415d0403
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a09d74b02c96141433d3edb41c65e31033e202640192863c6b0cd6613f233431

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

date
Thu, 15 Dec 2022 17:21:12 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://cks.connatix.com/cks?pid=10&ev=6db773666cc44d6e9db03090a45b01a9&pname=SpotX&api-tier=1&uid=df96025e-7c9c-11ed-995f-196b415d0403
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
199
content-length
0
cks
cks.connatix.com/ Frame 9AA5
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&source=connatix&uid=6db773666cc44d6e9db03090a45b01a9&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d26%26ev%3d6db773666cc44d6e9db03090a45b01a9%26pn...
  • https://cks.connatix.com/cks?pid=26&ev=6db773666cc44d6e9db03090a45b01a9&pname=Synacor&api-tier=1&uid=330DBB44390F43F1AF2E5B58C83F3E4B&direct=1
0
0
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame 9AA5 		0
0
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 9AA5 		0
0
12703
tv.springserve.com/rt/ Frame 9AA5 		0
0
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame 9AA5 		0
0
da969d22-a64b-46fa-9aba-c62fceedc7c2.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		22 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/da969d22-a64b-46fa-9aba-c62fceedc7c2.jpg?crop=834:541,smart&width=834&height=541&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5cb194eb96c0fc5d4d21d22161d97f4fb6d346e86420e1474bc120a34c5c3aca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
age
7992
etag
"aISFh+AtAYbR8Rm8Hcpgw1b3fQz+JOJcTrjNIPk5v/g"
access-control-max-age
86400
content-type
image/jpeg
fastly-io-info
ifsz=99962 idim=1600x900 ifmt=jpeg ofsz=22313 odim=834x541 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
21633
v2hnjKrnQb4IBjQFBtkjbeSYcDVLYaxdlV017LJ6qCKXeff4zld30ZNgnBMf4cqsZqMoUmdnWfAI
functionalfeather.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/v2hnjKrnQb4IBjQFBtkjbeSYcDVLYaxdlV017LJ6qCKXeff4zld30ZNgnBMf4cqsZqMoUmdnWfAI
Requested by
Host: functionalfeather.com
URL: https://functionalfeather.com/v2tupdPC-7Fco-VIBVhP30JpJ6cZ2ZHpJFTa1tQe69wZpFD7n4_TZYBRFsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 15 Dec 2022 17:21:12 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-hostname
fen-hoothoot-us-east1-jfx4
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
da969d22-a64b-46fa-9aba-c62fceedc7c2.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		20 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/da969d22-a64b-46fa-9aba-c62fceedc7c2.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ca35f04434365f26091ab5b0b82a22c8f815415c9742c9215f67c9c8df8d35c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
age
7993
etag
"OUwVZ1dvnW+XvkwZ/3uGITdvRxQZ5y5yu3Winy2OB14"
access-control-max-age
86400
content-type
image/jpeg
fastly-io-info
ifsz=99962 idim=1600x900 ifmt=jpeg ofsz=20120 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
19487
d7341640-b375-4e8b-b24c-cbc306580a33.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		51 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/d7341640-b375-4e8b-b24c-cbc306580a33.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d392c3ec89587ddeb02908e31b42cb57aa111ec498a8da503986743dfb60036c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
age
7992
etag
"V/t1xbPit6uS0v0SELipLFTwjFrCF/KRM0fhYGeYJXM"
access-control-max-age
86400
content-type
image/jpeg
fastly-io-info
ifsz=217013 idim=1600x900 ifmt=jpeg ofsz=51768 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
51386
96d1ed83-6c63-4800-aa37-51d4a2e03f97.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		52 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/96d1ed83-6c63-4800-aa37-51d4a2e03f97.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b19aba2554baa8d219adb694438241ab2e8bd881c1b8e0d45e70d59c106cf1b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
age
7992
etag
"FQw14VZsC/AxeOufa2faEQWtzn0YSwcQM31Iz23tY2s"
access-control-max-age
86400
content-type
image/jpeg
fastly-io-info
ifsz=219992 idim=1600x900 ifmt=jpeg ofsz=53090 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
52120
f48895e9-6ad7-4831-81f5-c70989fe5200.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/f48895e9-6ad7-4831-81f5-c70989fe5200.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7b73c43ad3d8441acd6946a5fd824b6cf6cb3cc2895f66c4bfe770656239086

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
age
7992
etag
"WW3R33IUljNf/qR0acVg9yOUnaB/zCTfI9Etl/HNotg"
access-control-max-age
86400
content-type
image/jpeg
fastly-io-info
ifsz=36402 idim=1600x802 ifmt=jpeg ofsz=9692 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
8877
cf390813-6ca5-404e-87bf-88838f1195b5.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		30 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/cf390813-6ca5-404e-87bf-88838f1195b5.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bdd7a37142eecc768c354fa56e5937abbbd3505711e37ceaffd6354f9a98035b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
age
7982
etag
"z7dwO7Q6IdiIHXPavQQe1WWSgjUoE6MXUCGorx/VUrk"
access-control-max-age
86400
content-type
image/jpeg
fastly-io-info
ifsz=214059 idim=1600x900 ifmt=jpeg ofsz=30418 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
30015
prebid7.17.0-5.js
cds.connatix.com/p/plugins/ 		582 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid7.17.0-5.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
030eb475ef7c0c106d7209a34c0bd8bbd170afaeff8869cdf8643502630e74de

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
br
last-modified
Mon, 12 Dec 2022 10:35:23 GMT
age
283533
etag
"ba7c8774b5c6bb74c89d4fb6bfc11465"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
145615
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 15 Dec 2022 17:21:12 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
251b97479c72b5b0e35b1dcb02a395dc2f549997c8a0194dda8507e2f9e97d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:12 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
px.gif
ad-delivery.net/ 		43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
880663
x-guploader-uploadid
ADPycdvyS2xnAYOPuq1Fg9Vc829jhZ3LZWVwbUdyNtIoGpUaGjYFigHZryQ5w34P4fOoGXnnMjRyzrUVxkEkoSyLSWjfmAMkti6X
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP3unummxQ25ji4sMWSbvQ8Wqlhuoi%2FGhGxSpsVa5c3CpZU6FThQlsubhCjxv0cIsb4pT1WFH4QyN6UjcO%2F2s2YJ3BD0fyPzq0GM7031Lt4GN5k6AAtm1gFB%2BwLqGCGGsMLSFvsnN8T97DjZVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
77a0dab769348693-ORD
expires
Fri, 16 Dec 2022 17:21:12 GMT
px.gif
ad-delivery.net/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9522314645618521
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
880663
x-guploader-uploadid
ADPycdvyS2xnAYOPuq1Fg9Vc829jhZ3LZWVwbUdyNtIoGpUaGjYFigHZryQ5w34P4fOoGXnnMjRyzrUVxkEkoSyLSWjfmAMkti6X
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAlHUXz2TesJ7ct0ZpIWwh%2Bc0QZmlW8rY81UHW0c%2BqYeFj47jidMApZv0RbVyPzaM8ww2kLJsbJr%2BSEGwYdfdB8RkKp4bJYmEF02%2FjAvJ8pgsByNnGktIU6l9nIbYn3bEcsg%2FV%2FC%2F1b21xqgfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
77a0dab769388693-ORD
expires
Fri, 16 Dec 2022 17:21:12 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 15 Dec 2022 17:21:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
4181521
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:35:59 GMT
content-encoding
gzip
via
1.1 929cbb64d024a9973633b197e2a23482.cloudfront.net (CloudFront), 1.1 2f5727cd85b40e905349d2b5268f3dbc.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 21:39:34 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2, EWR52-C2
age
2714
etag
W/"909ff158818033daa43a2d271ecda3db"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
uTXYgwmdXk-x35nTTzZzYuLPxm_d0PIxWtlTihRhNeZOkBc3L36l2A==
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=scbTU3w0eWZqcTBpQXpibGhVWk9NT1ZKYWlBalVlYTNSUGpXd28yR2gwdzE2M3Fia1FhT1g3MDAwSmZXM3JRc0RuV1dwVGdDNjlWdGkwT1daSEN5azRwVmp4RzdnNWN5RTNmTG1jaGIyY2Y2MGVEcTFQcytIZjhKaENrQz...
391 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=scbTU3w0eWZqcTBpQXpibGhVWk9NT1ZKYWlBalVlYTNSUGpXd28yR2gwdzE2M3Fia1FhT1g3MDAwSmZXM3JRc0RuV1dwVGdDNjlWdGkwT1daSEN5azRwVmp4RzdnNWN5RTNmTG1jaGIyY2Y2MGVEcTFQcytIZjhKaENrQzM0OHdLNmRlYlo1SGxENUdaN25SNEZXYytFSnhrL3Rudmd1czVqREdDOXhiQ2plMVNpMzAwU2Z3bklRekI4a0pRZnpqbGJ3MWN5YXplWEhkWDgwMWpLVWdub0pnSENlTWNLWktPdjBCNFNpVVVOUDZNMmpMSjIwanVnL09DQWd4WkZBeTE2azN2fA&cppv=2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
55b643a9f145aeb4660c55e8a67e1f7cc3fa3e9616c932ad7a0b16c62936da62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1543732
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=scbTU3w0eWZqcTBpQXpibGhVWk9NT1ZKYWlBalVlYTNSUGpXd28yR2gwdzE2M3Fia1FhT1g3MDAwSmZXM3JRc0RuV1dwVGdDNjlWdGkwT1daSEN5azRwVmp4RzdnNWN5RTNmTG1jaGIyY2Y2MGVEcTFQcytIZjhKaENrQzM0OHdLNmRlYlo1SGxENUdaN25SNEZXYytFSnhrL3Rudmd1czVqREdDOXhiQ2plMVNpMzAwU2Z3bklRekI4a0pRZnpqbGJ3MWN5YXplWEhkWDgwMWpLVWdub0pnSENlTWNLWktPdjBCNFNpVVVOUDZNMmpMSjIwanVnL09DQWd4WkZBeTE2azN2fA&cppv=2
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
347253
content-length
0
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		132 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.115.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-115-147.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
96eeab5f23635790c0f785cf7be287a333fc8a9961ed8e592e948f7f005de8ee

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		108 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
3248dffc5428b06d1cdd780296458f5af40aa9cd9d366222bdda4477181f4d39

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 14 Jan 2023 17:21:12 GMT
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=nFJpg5Wmt&w=5733492711227392&o=5714937848528896&cv=2.1.03-1-g6247d5c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&sid=qseE3qJHz&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 17:21:12 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
etag
"StHfV9prSwQMxjKWocWEFw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Dec 2022 17:21:13 GMT
load.js
s.ntv.io/serve/ 		534 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.213.46 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-213-46.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
46dd7329fae693cad6f963d6003d0f43231df94b536c2bfa3c94f25671b9a5ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:13 GMT
Content-Encoding
gzip
x-amz-request-id
HQRHR8MGFAXBYG0M
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
GhBOqbEkIumEQO/saPxAT/IRpoR0OhhiS7/G3e535tZH+x1rPMm4QpRWvyaiGriuPtekArtsO0M=
Last-Modified
Mon, 12 Dec 2022 21:04:28 GMT
Server
AmazonS3
ETag
"099cbbd6da309f2753fd22dbaad9e76e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
config
c.amazon-adsystem.com/cdn/prod/ 		736 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 12:20:24 GMT
via
1.1 2f5727cd85b40e905349d2b5268f3dbc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
18049
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
736
x-amz-cf-id
mGkqXvv7OphVmDNF0f0Olch6X21VdQZwzfd-tnlc93F-kyNDZdizIg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		219 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&pid=celH72gVrhSTU&cb=0&ws=1600x1200&v=22.1201.834&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.50.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-50-211.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
5c1c42cd16802a0c0199ca6adb79b2fa449a9955c306359fab17a435b452463d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
41M0DYE7GKXDN6ZCD70H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
219
x-amz-cf-id
uAXGx5Eq3B5TqJFkyZf1FTeSEZBrfAzyz44ktBfHiBZysJgElaI3fA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:27:25 GMT
x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 81834769243dfd27a095a32cf5b86722.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
53629
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
dJbeASH-FOb1WsRJMc09GAU6BoITWx2JVUPF7PtT5WlTUpHajCbeyQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.59.24 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-59-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Thu, 15 Dec 2022 17:36:13 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
6MMXV7VACT18W137
age
2085
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77a0dab8fffc15cf-EWR
x-amz-id-2
DZTPGuRy+DDq32wKetlmF1ekiYltAt9FkK6YRLip8ia1gTA63RIG0OZ7UMQ5C7ieqcgcvUHvzf4=
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:43:10 GMT
content-encoding
gzip
via
1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2284
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
6WHx-9hqbGNL-ei38NhWw2pTDfUS5OHe_f4g9TwHviLrg6VKfIlTww==
hadronid
id.hadron.ad.gt/api/v1/ 		54 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.115.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-115-147.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d0460b016fa470f9548aceaa335c01cd1fe68052a3abd44cb642ac299fe5b7e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
origin-trial
server
nginx/1.20.0
content-type
text/javascript; charset=UTF-8
pixel;r=788010991;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F;uht=2;fpan=1;fpa=P0-550890645-1...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=788010991;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F;uht=2;fpan=1;fpa=P0-550890645-1671124873065;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=bleepingcomputer.com;dst=0;et=1671124873129;tzo=0;ogl=;ses=2edc0ede-e19a-40e3-bf79-15eb0e164a2f
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d1eed15facda36d04ce828aef4089bd3bb1de28a40dd6c48bc2cb1dbfae1d429
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 15 Dec 2022 17:21:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
36210e4354377ca7bc2a86afbb67251a3ca37fcf49baf5f2da10e45efd39ef87

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 15 Dec 2022 17:21:13 GMT
content-length
54
vary
Origin
content-type
application/json
cookie_sync
s2s.t13.io/ 		2 KB
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
5f2c1a70ee959152fd66841f85a1a471a59d3511915fec2ce7658a4fec6ae71e

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
660
expires
0
auction
s2s.t13.io/openrtb2/ 		16 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
d46a10ce2bec3eb7a0d5a95dbf97fd4c932b32e25ec3b11f5ab27d8ee5a2b255

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6214
expires
0
hb
ssc.33across.com/api/v1/ 		139 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dPGcAuqZ0r6Ok4aKlId8sQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1c118121b72f1d1960b607a3586e877b36e7e7046802da20daa82ddff00f3b0a

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
colossusssp.com/ 		2 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.124 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 15 Dec 2022 17:21:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
cdb
bidder.criteo.com/ 		18 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=46742355143&lsavail=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
trinity.json
apex.go.sonobi.com/ 		30 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2235467063040ddf2%22%3A%22c21411ebb9ead0ae6d7d%7C970x90%2C728x90%7Cgpid%3D%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&s=03252a6c-39ae-4c2c-9839-e0c7dfeb5fe8&pv=d1828049-aed4-4445-b080-64bf3bbefc29&vp=desktop&lib_name=prebid&lib_v=7.19.7&us=3&fpd=%7B%22site%22%3A%7B%22name%22%3A%22bleepingcomputer-com%22%2C%22domain%22%3A%22bleepingcomputer.com%22%2C%22cat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F%22%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22601%22%7D%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%220ba141a9-e733-490a-8e8f-088fa695f4e6%22%2C%22tdid%22%3A%22e5c0b27e-ca49-4d83-b03f-9e17e3a38729%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220ba141a9-e733-490a-8e8f-088fa695f4e6%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e5c0b27e-ca49-4d83-b03f-9e17e3a38729%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:13 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-152
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&eidadserver.org=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d6d9cc433aac09ac81766e8fec596500c22423aaac0b7c87e1b35991fdd8c0a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&eidadserver.org=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5dc2c1613a7c3d5b9a1d6eb402e13ad2859a0e629695619cd983ecd6c17ef37d

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=scbTU3w0eWZqcTBpQXpibGhVWk9NT1ZKYWlBalVlYTNSUGpXd28yR2gwdzE2M3Fia1FhT1g3MDAwSmZXM3JRc0RuV1dwVGdDNjlWdGkwT1daSEN5azRwVmp4RzdnNWN5RTNmTG1jaGIyY2Y2MGVEcTFQcytIZjhKaENrQzM0OHdLNmRlYlo1SGxENUdaN25SNEZXYytFSnhrL3Rudmd1czVqREdDOXhiQ2plMVNpMzAwU2Z3bklRekI4a0pRZnpqbGJ3MWN5YXplWEhkWDgwMWpLVWdub0pnSENlTWNLWktPdjBCNFNpVVVOUDZNMmpMSjIwanVnL09DQWd4WkZBeTE2azN2fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 15 Dec 2022 17:21:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
272510
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
setuid
s2s.t13.io/
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=930966de-908b-44db-8bb4-acb19f7301b1
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=930966de-908b-44db-8bb4-acb19f7301b1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=930966de-908b-44db-8bb4-acb19f7301b1
date
Thu, 15 Dec 2022 17:21:13 GMT
content-length
0
t
jadserve.postrelease.com/ 		115 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-76-203.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
122
expires
Mon, 1 Jan 1990 12:00:00 GMT
pubfig.messaging.2.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
a.pub.network/core/pubfig/ 		230 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c13fd8a693173053aefe83b24e9890659c94d49c2beb2ff6265cc4bd5bb14ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3137
x-guploader-uploadid
ADPycdtqatTJ_GV8DH6nPXmH-c-R0FE4IIdEJ0ubn_zkIzW4ezK-QTEdGyYH9gT42hfoaSVqwEsDKuVKV5Zxwi_HRORt4Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 12 Dec 2022 18:39:40 GMT
server
cloudflare
etag
W/"3dca6847ea15e2b9a9ff81edcf90a412"
vary
Accept-Encoding
x-goog-generation
1670870379996239
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=XLl38w==, md5=PcpoR+oV4rmp/4Htz5CkEg==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
235958
access-control-allow-origin
*
cf-ray
77a0daba3b5dca53-YUL
expires
Thu, 15 Dec 2022 18:21:13 GMT
hadron.json
id.hadron.ad.gt/v1/ 		47 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=
Requested by
Host: id.hadron.ad.gt
URL: https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.115.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-115-147.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
29676304580ef48e6ecf61c48634b59d751c08f167a77377b7048102bef694a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
server
nginx/1.20.0
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
public,max-age=30
access-control-allow-credentials
true
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.115.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-115-147.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
public,max-age=30
content-encoding
gzip
content-type
application/json
date
Thu, 15 Dec 2022 17:21:13 GMT
server
nginx/1.20.0
vary
Origin
c
c.pub.network/ 		36 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d1eec3948a4661af20e8ae131554204fda646c7f71224f400869c3cde78bef4f

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
setuid
s2s.t13.io/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g6b678312c8c42161cb9&gdpr=&gdpr_consent=&us_privacy=
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g6b678312c8c42161cb9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g6b678312c8c42161cb9&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
882.json
id5-sync.com/g/v2/ 		462 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d551c155532d8f2abdfaaf2eae79100be593f040b54a72094bda76b59dc0d605
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
474
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=prebid
Requested by
Host: id.hadron.ad.gt
URL: https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.176.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-176-198.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e61c212e051e6ea19350c0dcdad7a052b7a729156514729f6bfc4934ce4d4803

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		834 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3598040350531576&correlator=1089843661611171&eid=31071093%2C31071151%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=1087171916&didk=2803950313&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D2f3232%26floors_hour%3D17%26floors_user%3D1%26fs_placementName%3Dbleepingcomputer_970x90_728x90_320x50_sticky%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3D01651b21-b521-476a-8dc3-6360bcca0b20%26freestar_path%3D%252Fnews%252Fsecurity%252Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_970x90%26hb_format%3Dbanner%26hb_adid%3D39eeaa7323bd426%26hb_bidder%3Dmedianet%26hb_size%3D970x90%26hb_pb%3D0.03&eri=1&cust_params=fs_session_id%3D38e525a1-c956-4dbb-8a79-af465fe2dfc8%26fs_pageview_id%3Dd9c7a65821206e31ca96fa9ebeb1a20f%26user-agent%3DChrome%26fs_pbs_tg%3Ds2sBidder%253Aall_server%26section%3Dnews%252Csecurity%252Cmicrosoft&sc=1&cookie=ID%3Dc86a005f9572cfc4-22d79cac60b40058%3AT%3D1671124872%3ART%3D1671124872%3AS%3DALNI_MZtXMQXLTE6i1oguwhe4Lgi98hldw&gpic=UID%3D000008d436e5e7b2%3AT%3D1671124872%3ART%3D1671124872%3AS%3DALNI_MaCOUwIP-sq30dyFH-5qiYNzHXXnA&abxe=1&dt=1671124873625&lmt=1671048912&dlt=1671124871343&idt=1390&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1617610065.1671124872&ga_sid=1671124872&ga_hid=592695765&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03466eced1fd270a167b470e99aa65ae07464af2fc9e0931bdb80aabce469daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
425
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e0923b16691b2b855992e1f8c6e4bed1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e0923b16691b2b855992e1f8c6e4bed1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 17:21:13 GMT
expires
Fri, 15 Dec 2023 17:21:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
s2s.t13.io/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID&sovrn_retry=true
  • https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=F0jxhLZH6eZ53b2YQ6iZr4eq
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=F0jxhLZH6eZ53b2YQ6iZr4eq
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Date
Thu, 15 Dec 2022 17:21:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=F0jxhLZH6eZ53b2YQ6iZr4eq
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
474
p.ad.gt/api/v1/p/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/474
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a6ab4fb68dee5ee93bb90623d9d3fd6985574799fe6d70ec68a838b821310a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Dec 2022 17:46:56 GMT
server
cloudflare
age
216
etag
W/"1671040016.0-42451-3373272138"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
77a0dabdafb8f03d-EWR
expires
Fri, 16 Dec 2022 05:17:37 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&adnxs_id=7964311275014384432&gdpr=0
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&adnxs_id=7964311275014384432&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
44.239.200.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-200-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Fri, 16 Dec 2022 05:21:14 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:13 GMT
AN-X-Request-Uuid
61d5df99-7489-4155-b83a-526709201dd8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&adnxs_id=7964311275014384432&gdpr=0
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001671124874-JANQWHA9-Q40V&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&id=AU1D-0100-001671124874-JANQWHA9-Q40V
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&id=AU1D-0100-001671124874-JANQWHA9-Q40V
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
44.239.200.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-200-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Fri, 16 Dec 2022 05:21:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&id=AU1D-0100-001671124874-JANQWHA9-Q40V
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001671124874-JANQWHA9-Q40V
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001671124874-JANQWHA9-Q40V
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BF66B2B7-10A4-4A33-8409-E018E75178B2&id=AU1D-0100-001671124874-JANQWHA9-Q40V
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=BF66B2B7-10A4-4A33-8409-E018E75178B2&id=AU1D-0100-001671124874-JANQWHA9-Q40V
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
44.239.200.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-200-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Fri, 16 Dec 2022 05:21:14 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=BF66B2B7-10A4-4A33-8409-E018E75178B2&id=AU1D-0100-001671124874-JANQWHA9-Q40V
date
Thu, 15 Dec 2022 17:21:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001671124874-JANQWHA9-Q40V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671124874...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001671124874-JANQWHA9-Q40V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2ab77f41-7cd1-441d-b7c6-59ab82a4c385%252Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-010...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttd_puid=2ab77f41-7cd1-441d-b7c6-59ab82a4c385%2Chttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&tapad_id=2ab77f41-7cd1-441d-b7c6-59ab82a4c385
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&tapad_id=2ab77f41-7cd1-441d-b7c6-59ab82a4c385
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
44.239.200.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-200-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Fri, 16 Dec 2022 05:21:14 GMT

Redirect headers

date
Thu, 15 Dec 2022 17:21:13 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&tapad_id=2ab77f41-7cd1-441d-b7c6-59ab82a4c385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001671124874-JANQWHA9-Q40V
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001671124874-JANQWHA9-Q40V&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&google_gid=CAESEJQUe065baF8t1dKTsftxMA&google_cver=1&google_ula=450542624,0
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&google_gid=CAESEJQUe065baF8t1dKTsftxMA&google_cver=1&google_ula=450542624,0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
44.239.200.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-200-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Fri, 16 Dec 2022 05:21:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&google_gid=CAESEJQUe065baF8t1dKTsftxMA&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001671124874-JANQWHA9-Q40V
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MTEyNDg3NC1KQU5RV0hBOS1RNDBW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MTEyNDg3NC1KQU5RV0hBOS1RNDBW
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MTEyNDg3NC1KQU5RV0hBOS1RNDBW
date
Thu, 15 Dec 2022 17:21:14 GMT
server
nginx/1.20.0
content-length
473
content-type
text/html; charset=utf-8
token
token.rubiconproject.com/ 		0
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001671124874-JANQWHA9-Q40V&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us
sync.go.sonobi.com/ 		0
0
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26auid%3DAU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001671124874-JANQWHA9-Q40V%26auid...
  • https://ids.ad.gt/api/v1/openx?openx_id=11ba4ab2-49b8-4e3e-90bb-cffc18f235b1&id=AU1D-0100-001671124874-JANQWHA9-Q40V&auid=AU1D-0100-001671124874-JANQWHA9-Q40V
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=11ba4ab2-49b8-4e3e-90bb-cffc18f235b1&id=AU1D-0100-001671124874-JANQWHA9-Q40V&auid=AU1D-0100-001671124874-JANQWHA9-Q40V
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
44.239.200.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-200-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Fri, 16 Dec 2022 05:21:14 GMT

Redirect headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://ids.ad.gt/api/v1/openx?openx_id=11ba4ab2-49b8-4e3e-90bb-cffc18f235b1&id=AU1D-0100-001671124874-JANQWHA9-Q40V&auid=AU1D-0100-001671124874-JANQWHA9-Q40V
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ip_match
ids.ad.gt/api/v1/ 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.200.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-200-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
server
nginx/1.20.0
content-length
0
content-type
text/html; charset=utf-8
halo_match
ids.ad.gt/api/v1/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&halo_id=060fe9a9elkbk9fhdebahjida97ik8iaf7kom6e6m0ygy6oskmgeswuke62uy4ueo
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.200.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-200-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Fri, 16 Dec 2022 05:21:13 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=
  • https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-tqvvwgJE2uGC0FZ8X4mOd3eXYSOdjbkP7cL6._A-~A
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-tqvvwgJE2uGC0FZ8X4mOd3eXYSOdjbkP7cL6._A-~A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-tqvvwgJE2uGC0FZ8X4mOd3eXYSOdjbkP7cL6._A-~A
date
Thu, 15 Dec 2022 17:21:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
floors
api.floors.dev/sgw/v1/ 		237 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0c8326c401275771acb66ced7a457517f2d9ac64ac032a3b7257ff5950f7cc60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:13 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 15 Dec 2022 17:21:13 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d1eec3948a4661af20e8ae131554204fda646c7f71224f400869c3cde78bef4f

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
rtd
seg.hadron.ad.gt/api/v1/ 		21 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.115.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-115-147.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e58f2b14bf0d4c54c1b5d68ea56a2a698a9cd16763de1da6650f3e23361042a5

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 15 Dec 2022 17:21:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
rtd
seg.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://seg.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.115.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-115-147.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.bleepingcomputer.com
content-encoding
gzip
content-type
application/json
date
Thu, 15 Dec 2022 17:21:14 GMT
server
nginx/1.20.0
vary
Origin
setuid
s2s.t13.io/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%3Cvsid%3E
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3141264741454978000V10
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3141264741454978000V10
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 15 Dec 2022 17:21:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3141264741454978000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:14 GMT
auction
s2s.t13.io/openrtb2/ 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
aeeafbbb7a13d8edd36d57074e88c0230192cbea0dbb8f1a5aca65a0654b9075

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5947
expires
0
/
colossusssp.com/ 		2 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.124 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 15 Dec 2022 17:21:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
cdb
bidder.criteo.com/ 		18 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=43894591153&lsavail=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&eidcriteo.com=uKj64V9CZk9tSVhKN0F3cWVXN0xnMyUyRlYlMkJ6WGdWQmRyeHJwNSUyRkh2dUM4OGo4VTRCUyUyRnVhcGtiZ081NGZXR2dhalZybVkwWUl2aFpEWWNzdUJ1NHoyckVZVkNDa3JzOFFqNWlYSCUyQmNaeTJ5N1FYUWslM0Q&eidadserver.org=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
bd75349d3069720d496726a7ba6f7044a74605135fcaec4420341cfdd9487e65

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&eidcriteo.com=uKj64V9CZk9tSVhKN0F3cWVXN0xnMyUyRlYlMkJ6WGdWQmRyeHJwNSUyRkh2dUM4OGo4VTRCUyUyRnVhcGtiZ081NGZXR2dhalZybVkwWUl2aFpEWWNzdUJ1NHoyckVZVkNDa3JzOFFqNWlYSCUyQmNaeTJ5N1FYUWslM0Q&eidadserver.org=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0c62d3350b7b877554d2f7c477d4907897c1daecc06a1d002413cb502f11e3a8

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
trinity.json
apex.go.sonobi.com/ 		522 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2275aa71d35d2cf9b%22%3A%22c21411ebb9ead0ae6d7d%7C970x90%2C728x90%7Cgpid%3D%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&s=31faebb0-2a2e-4b9b-87b7-993a710b0d5f&pv=d1828049-aed4-4445-b080-64bf3bbefc29&vp=desktop&lib_name=prebid&lib_v=7.19.7&us=3&fpd=%7B%22site%22%3A%7B%22name%22%3A%22bleepingcomputer-com%22%2C%22domain%22%3A%22bleepingcomputer.com%22%2C%22cat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F%22%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22601%22%7D%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22criteoId%22%3A%22uKj64V9CZk9tSVhKN0F3cWVXN0xnMyUyRlYlMkJ6WGdWQmRyeHJwNSUyRkh2dUM4OGo4VTRCUyUyRnVhcGtiZ081NGZXR2dhalZybVkwWUl2aFpEWWNzdUJ1NHoyckVZVkNDa3JzOFFqNWlYSCUyQmNaeTJ5N1FYUWslM0Q%22%2C%22hadronId%22%3A%220001yum0eaclga66h8kc99db7el966gjggkeibahbkabackkc2jl%22%2C%22pubcid%22%3A%220ba141a9-e733-490a-8e8f-088fa695f4e6%22%2C%22tdid%22%3A%22e5c0b27e-ca49-4d83-b03f-9e17e3a38729%22%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22uKj64V9CZk9tSVhKN0F3cWVXN0xnMyUyRlYlMkJ6WGdWQmRyeHJwNSUyRkh2dUM4OGo4VTRCUyUyRnVhcGtiZ081NGZXR2dhalZybVkwWUl2aFpEWWNzdUJ1NHoyckVZVkNDa3JzOFFqNWlYSCUyQmNaeTJ5N1FYUWslM0Q%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eaclga66h8kc99db7el966gjggkeibahbkabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220ba141a9-e733-490a-8e8f-088fa695f4e6%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e5c0b27e-ca49-4d83-b03f-9e17e3a38729%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
126fc7a47fe5a4e1519c3a1fc453876d84e0e938a2d7bdfb10876dfe16243056
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:14 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-152
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
356
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		139 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dPGcAuqZ0r6Ok4aKlId8sQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
dafeb03f08b5e8bfa63c73c55b5ccf5a8efa9497ae2103117bcdd582a535253a

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
setuid
s2s.t13.io/ Frame A46C
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%...
  • https://cs.emxdgt.com/umcheck?apnxid=7964311275014384432&redirect=https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9zMnMudDEzLmlvL...
  • https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=7964311275014384432brt53491671124874305228b3
0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=7964311275014384432brt53491671124874305228b3
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 15 Dec 2022 17:21:14 GMT
expires
0
pragma
no-cache
via
1.1 google

Redirect headers

content-length
0
content-type
text/html
date
Thu, 15 Dec 2022 17:21:13 GMT
location
https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=7964311275014384432brt53491671124874305228b3
isync
visitor.omnitagjs.com/visitor/ Frame 87C3 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
6e4411d6acc08d894d5cc5f3a25aeb4c6fccff667ff5e54837379709ee74edcb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1557
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 17:21:14 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
setuid
s2s.t13.io/ Frame 87C3 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=adyoulike&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=6d57a4d92738362ffc56cf1e02b72ece
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7964311275014384432&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7964311275014384432&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Date
Thu, 15 Dec 2022 17:21:14 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cff416b3-a070-446f-ab95-e7ca542083d0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7964311275014384432&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7964311275014384432&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7964311275014384432&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:14 GMT
AN-X-Request-Uuid
14bd255c-1198-478f-a6ec-864f4bc5750f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7964311275014384432&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame 87C3 		0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=6d57a4d92738362ffc56cf1e02b72ece
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-6.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
tcliTrr2TwrzUP8Z42kUNjZ0fwuTDiWANDCP3Ivrvy7rXdpDIguHDA==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adyoulike
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=979321829986624376&expires=30&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Thu, 15 Dec 2022 17:21:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=zS9xYaq9SKvFy03JE4a7&name=RTB_HOUSE&pi=adyoulike&tc=1
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=zS9xYaq9SKvFy03JE4a7&name=RTB_HOUSE&pi=adyoulike&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
13
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=zS9xYaq9SKvFy03JE4a7&name=RTB_HOUSE&pi=adyoulike&tc=1
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT, Thu, 15 Dec 2022 17:21:15 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&name=THE_TRADE_DESK
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&name=THE_TRADE_DESK
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
319
sync
vid.vidoomy.com/ Frame 87C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D8fbd69cc083d6399099e25c303aa5e32%26visitor%3D%7B%7BVID%7D%7D%26name%3DVIDOOMY&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
aul
match.prod.bidr.io/cookie-sync/ Frame 87C3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Server
34.226.72.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-72-146.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
3b4790db39169dba45a44fd79ec37da5557302627546df0adcde836570ace0bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
20
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
Date
Thu, 15 Dec 2022 17:21:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Dev...
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=57bff3a4-128a-4db0-899d-6d2cda5ec48e&name=evolution
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=57bff3a4-128a-4db0-899d-6d2cda5ec48e&name=evolution
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:14 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=57bff3a4-128a-4db0-899d-6d2cda5ec48e&name=evolution
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=d96d5bac-a01a-4766-8710-3d9ae828fe2c%20&gdpr_consent=null&gdpr=0
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=d96d5bac-a01a-4766-8710-3d9ae828fe2c%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=d96d5bac-a01a-4766-8710-3d9ae828fe2c &gdpr_consent=null&gdpr=0
date
Thu, 15 Dec 2022 17:21:14 GMT
server
_
content-length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3...
  • https://stags.bluekai.com/site/23178?id=hEm9IiKFmxmiwfaXe787&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hEm9IiKFmxmiwfaXe787
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hEm9IiKFmxmiwfaXe787
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:15 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=hEm9IiKFmxmiwfaXe787
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
188
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://stags.bluekai.com/site/23178?id=yH6YX6kHP9S5e3yY820t&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGNZQW2ZJ5LJCU2QKOKRAV6...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=yH6YX6kHP9S5e3yY820t
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=yH6YX6kHP9S5e3yY820t
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:15 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=yH6YX6kHP9S5e3yY820t
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
192
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=087e2204074fbc2682981cf6&gdpr=0&gdprConsent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=087e2204074fbc2682981cf6&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=087e2204074fbc2682981cf6&gdpr=0&gdprConsent=
Date
Thu, 15 Dec 2022 17:21:14 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-6f525375-4123-4700-54ce-a44ab28bd190$ip$149.56.153.181&name=STACKADAPT
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-6f525375-4123-4700-54ce-a44ab28bd190$ip$149.56.153.181&name=STACKADAPT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-6f525375-4123-4700-54ce-a44ab28bd190$ip$149.56.153.181&name=STACKADAPT
Date
Thu, 15 Dec 2022 17:21:14 GMT
Connection
keep-alive
Content-Length
191
Content-Type
text/html; charset=utf-8
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3538&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=9968dfaf7bb9a2ba4ef7b1b35c491cdc&gdpr_consent=&gdpr=0
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=9968dfaf7bb9a2ba4ef7b1b35c491cdc&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://visitor.omnitagjs.com/visitor/sync?uid=7ab967d40b91570ff51c4cdaa51fe5d6&name=FREEWHEEL&visitor=9968dfaf7bb9a2ba4ef7b1b35c491cdc&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671124874931050-255
4b8f8957881b0c14cfc1656ea578b9f9.gif
cs.admanmedia.com/ Frame 87C3 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=F0jxhLZH6eZ53b2YQ6iZr4eq
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=F0jxhLZH6eZ53b2YQ6iZr4eq
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
8
content-length
49
expires
0

Redirect headers

Date
Thu, 15 Dec 2022 17:21:14 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=F0jxhLZH6eZ53b2YQ6iZr4eq
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=e3edcfd0-0cbe-535d-ab56-dfc9c8cd8842&name=BETWEENX
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=e3edcfd0-0cbe-535d-ab56-dfc9c8cd8842&name=BETWEENX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=e3edcfd0-0cbe-535d-ab56-dfc9c8cd8842&name=BETWEENX
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8778&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D5a6dfefcb43521ff293762793ad668db%26visitor%3D%24SPOTX_USER_ID%26name%3DSPO...
  • https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=df96025e-7c9c-11ed-995f-196b415d0403&name=SPOTX
49 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=df96025e-7c9c-11ed-995f-196b415d0403&name=SPOTX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

date
Thu, 15 Dec 2022 17:21:14 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://visitor.omnitagjs.com/visitor/sync?uid=5a6dfefcb43521ff293762793ad668db&visitor=df96025e-7c9c-11ed-995f-196b415d0403&name=SPOTX
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
364
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 87C3
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=f8fd8ca0-0476-4fcb-bfba-dcf4e7751703&name=BIDTELLECT
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=f8fd8ca0-0476-4fcb-bfba-dcf4e7751703&name=BIDTELLECT
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:02 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=f8fd8ca0-0476-4fcb-bfba-dcf4e7751703&name=BIDTELLECT
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-length
265
expires
-1
711333.gif
id.rlcdn.com/ Frame 87C3 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync.html
s.spotim.market/ Frame 6F5D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
46e0100048a208436f91dd90b13dc27d406a15942d7e663e02ea1a11edac77bf

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1082
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 17:21:14 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC2F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.212.188 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-212-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33393
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 15 Dec 2022 17:21:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 02:37:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C360 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame A753
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 17:21:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 17:21:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 74CF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 17:21:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 17:21:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 88F9 		818 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
384457f1206ca83b11d3b93e06e970e10921376da4a3f28aa92ac8f033ef828b

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
818
content-type
text/html
date
Thu, 15 Dec 2022 17:21:14 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 17:21:14 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 17:21:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EC2F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27002075&p=160925&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a0fc17b481cffb114ec584fac45cd546fef08fb1772637c5b2c4bd8cba23a00b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 17:21:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame A753 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 06:25:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=47129
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 06:26:43 GMT
usync.js
eus.rubiconproject.com/ Frame 74CF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 06:25:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=47129
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 06:26:43 GMT
sync
visitor.omnitagjs.com/visitor/ Frame A753
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&khaos=LBPCLP5R-B-JTJD
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LBPCLP5R-B-JTJD&name=RUBICON
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LBPCLP5R-B-JTJD&name=RUBICON
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LBPCLP5R-B-JTJD&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19600bc21eacf9565125744d917cac10
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 88F9 		49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=7725544352171782613&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 88F9
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=b0d17272-277e-468d-a259-401b3a43ec6a&gdpr=0&gdpr_consent=
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=b0d17272-277e-468d-a259-401b3a43ec6a&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=b0d17272-277e-468d-a259-401b3a43ec6a&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
redir
rtb-csync.smartadserver.com/ Frame 88F9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
Date
Thu, 15 Dec 2022 17:21:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame 88F9
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7725544352171782613&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7725544352171782613&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.92.113.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-113-255.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7725544352171782613&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 88F9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=X7ml1G9Ozzw9&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=X7ml1G9Ozzw9&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=X7ml1G9Ozzw9&ev=1&pid=560288&gdpr_consent=&gdpr=0
content-language
en-CA
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-fbcf948bf-chfjj
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 070D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5tXigAEOaXcXAAF&gdpr=0&gdpr_consent=&_test=Y5tXigAEOaXcXAAF
1 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5tXigAEOaXcXAAF&gdpr=0&gdpr_consent=&_test=Y5tXigAEOaXcXAAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Dec 2022 17:21:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5tXigAEOaXcXAAF&gdpr=0&gdpr_consent=&_test=Y5tXigAEOaXcXAAF
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4550-YYZ
x-timer
S1671124875.999089,VS0,VE0
dcm
s.amazon-adsystem.com/ Frame 880E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 17:21:15 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CZ56DWEFGXSJFH4W4JXB

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 17:21:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ED6S6ENHS326PAEHARC8
Pug
simage2.pubmatic.com/AdServer/ Frame FE44
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fe2639b-578b-4400-b314-2ce5b86bc27a&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fe2639b-578b-4400-b314-2ce5b86bc27a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 15 Dec 2022 17:21:15 GMT
Expires
Thu, 15 Dec 2022 17:21:14 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master ord-pixel-x21 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fe2639b-578b-4400-b314-2ce5b86bc27a&gdpr=0&gdpr_consent=
sync
visitor.omnitagjs.com/visitor/ Frame D26A 		49 B
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=BF66B2B7-10A4-4A33-8409-E018E75178B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Thu, 15 Dec 2022 17:21:14 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v2aytxCkSjOECeAY51F4sg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Server
184.28.212.188 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-212-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33393
accept-ranges
bytes
content-length
5549
expires
Fri, 16 Dec 2022 02:37:47 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame EC2F 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.77.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-77-41.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
92713a74599c460dae3dc5b1a59ccd0b
i.liadm.com/s/e/75145/0/ Frame EC2F
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=BF66B2B7-10A4-4A33-8409-E018E75178B2
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&_li_chk=true&previous_uuid=c7b5c72a34414960a95a0d94a9bf8957
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F75145%2F0%2F92713a74599c460dae3dc5b1a59ccd0b%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&c7b5c72a-3441-4960-a95a-0d94...
  • https://i.liadm.com/s/e/75145/0/92713a74599c460dae3dc5b1a59ccd0b?mpid=7156&muid=d81e639b-578b-4500-a081-9e458f2ab181
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/75145/0/92713a74599c460dae3dc5b1a59ccd0b?mpid=7156&muid=d81e639b-578b-4500-a081-9e458f2ab181
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
HTTP/1.1
Server
34.225.175.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-175-117.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Date
Thu, 15 Dec 2022 17:21:15 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://i.liadm.com/s/e/75145/0/92713a74599c460dae3dc5b1a59ccd0b?mpid=7156&muid=d81e639b-578b-4500-a081-9e458f2ab181
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 17:21:14 GMT
receive
pixel.tapad.com/idsync/ex/ Frame EC2F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BF66B2B7-10A4-4A33-8409-E018E75178B2
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D2ab77f41-7cd1-441d-b7c6-59ab82a4c385%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7964311275014384432&pt=2ab77f41-7cd1-441d-b7c6-59ab82a4c385%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7964311275014384432&pt=2ab77f41-7cd1-441d-b7c6-59ab82a4c385%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:14 GMT
AN-X-Request-Uuid
3d4a5205-54e0-4b8c-9413-2a68f0e0705b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7964311275014384432&pt=2ab77f41-7cd1-441d-b7c6-59ab82a4c385%2C
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EC2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkY2NkIyQjctMTBBNC00QTMzLTg0MDktRTAxOEU3NTE3OEIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EC2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIAndhdRbqszG_NLVWyaATU&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIAndhdRbqszG_NLVWyaATU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIAndhdRbqszG_NLVWyaATU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EC2F
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 15 Dec 2022 17:21:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 17:21:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EC2F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4472079285282843908&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4472079285282843908&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4472079285282843908&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame EC2F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=
42 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
BF66B2B7-10A4-4A33-8409-E018E75178B2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EC2F 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BF66B2B7-10A4-4A33-8409-E018E75178B2?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:5032:8a68:2087:27ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame EC2F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BF66B2B7-10A4-4A33-8409-E018E75178B2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1rePhKpE2uVhn1yTAVuGw3CXACzetg0-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1rePhKpE2uVhn1yTAVuGw3CXACzetg0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1rePhKpE2uVhn1yTAVuGw3CXACzetg0-~A&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 17:21:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame A753
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNmNDZhY2Y5YWFkZmQ0YTc2MTFlZDRlNzMzZmYyMmEyY2RjZWYwZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNmNDZhY2Y5YWFkZmQ0YTc2MTFlZDRlNzMzZmYyMmEyY2RjZWYwZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTNmNDZhY2Y5YWFkZmQ0YTc2MTFlZDRlNzMzZmYyMmEyY2RjZWYwZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame A753
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPCLP5R-B-JTJD
0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPCLP5R-B-JTJD
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:14 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A2F8F07BC1B0494BAF14E869A912F385 Ref B: YTO01EDGE0811 Ref C: 2022-12-15T17:21:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv4RSN/Dd2y3gnlrtwRg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPCLP5R-B-JTJD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A753
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQQ0xQNVItQi1KVEpE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQQ0xQNVItQi1KVEpE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQQ0xQNVItQi1KVEpE
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A753
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/D47uwR0LmluyJvlA8ELI5g?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_FGJpqBE2oL95cu0RYg2RybhvZn.mErtCj388g--~A
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_FGJpqBE2oL95cu0RYg2RybhvZn.mErtCj388g--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_FGJpqBE2oL95cu0RYg2RybhvZn.mErtCj388g--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A753
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOUEmZVjN61nBDztgjdMWyI&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOUEmZVjN61nBDztgjdMWyI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOUEmZVjN61nBDztgjdMWyI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
pixel.rubiconproject.com/ Frame A753
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mDkiw_o8QHqCj7zhNF8qbA&rk=usync-other
0
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mDkiw_o8QHqCj7zhNF8qbA&rk=usync-other
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TFXZDYC9Z89X3SYY66V1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mDkiw_o8QHqCj7zhNF8qbA&rk=usync-other
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
token
pixel.rubiconproject.com/ Frame A753
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CGgK2wJdSVyRrbyd2KdWBQ&rk=usync-na
0
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CGgK2wJdSVyRrbyd2KdWBQ&rk=usync-na
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DBP2GJY2MFC5T67BWN2H
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CGgK2wJdSVyRrbyd2KdWBQ&rk=usync-na
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A753
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=&expires=30
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 58AC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.212.188 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-212-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33392
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 15 Dec 2022 17:21:15 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 02:37:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 190D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=7964311275014384432
0
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=7964311275014384432
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 17:21:14 GMT
Etag
d28f18fbdf67107a
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
2b3a6f51-5e70-42bd-9fa2-0bf656c68b1c
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 17:21:15 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=7964311275014384432
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame B9A3 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame E336
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=2442628202676436868836
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=2442628202676436868836
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 17:21:14 GMT
Etag
d28f18fbdf67107a
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 15 Dec 2022 17:21:15 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=2442628202676436868836
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.spotim.market/ Frame 6F5D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gd...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&partner_url=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D30901...
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=$0&gdpr_consent=$
0
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=$0&gdpr_consent=$
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:14 GMT
Server
Adtelligent
Etag
d28f18fbdf67107a
Content-Length
0

Redirect headers

date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=$0&gdpr_consent=$
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csync
sync.spotim.market/ Frame 6F5D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1671124875231
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3749987486
  • https://sync.1rx.io/usersync/tradedesk/e5c0b27e-ca49-4d83-b03f-9e17e3a38729
  • https://sync.targeting.unrulymedia.com/csync/RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-352cb321-e524-4275-9baa-a...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:14 GMT
Server
Adtelligent
Etag
d28f18fbdf67107a
Content-Length
0

Redirect headers

Date
Thu, 15 Dec 2022 17:21:15 GMT
Server
Tengine
ETag
RX352cb321e52442759baaab4b8c3755b5005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Content-Type
text/html
Connection
keep-alive
csync
sync.spotim.market/ Frame 6F5D
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=0124dc18-79ab-422b-a8cc-1bb98ed63838
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=0124dc18-79ab-422b-a8cc-1bb98ed63838
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:14 GMT
Server
Adtelligent
Etag
d28f18fbdf67107a
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=0124dc18-79ab-422b-a8cc-1bb98ed63838
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
9hmkd2oj9gaotco8lie65dfta5ilct22
sync
visitor.omnitagjs.com/visitor/ Frame 6F5D
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=d28f18fbdf67107a&name=OPENWEB
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=d28f18fbdf67107a&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:14 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=d28f18fbdf67107a&name=OPENWEB
Date
Thu, 15 Dec 2022 17:21:14 GMT
Server
Adtelligent
Etag
d28f18fbdf67107a
Content-Length
0
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3598040350531576&correlator=1089843661611171&eid=31071093%2C31071151%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=4&adks=1087171916&didk=2803950313&sfv=1-0-40&ris=2&rcs=1&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26floors_id%3Dcontrol%26floors_hour%3D17%26floors_user%3D1%26fs_placementName%3Dbleepingcomputer_970x90_728x90_320x50_sticky%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3Da9d8e75d-c7f4-442e-b167-13757a564692%26freestar_path%3D%252Fnews%252Fsecurity%252Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_970x90%26hb_format%3Dbanner%26hb_adid%3D79900f80899b8c%26hb_bidder%3Dmedianet%26hb_size%3D970x90%26hb_pb%3D0.05&eri=1&cust_params=fs_session_id%3D38e525a1-c956-4dbb-8a79-af465fe2dfc8%26fs_pageview_id%3Dd9c7a65821206e31ca96fa9ebeb1a20f%26user-agent%3DChrome%26fs_pbs_tg%3Ds2sBidder%253Aall_server%26section%3Dnews%252Csecurity%252Cmicrosoft&sc=1&cookie=ID%3Dc86a005f9572cfc4-22d79cac60b40058%3AT%3D1671124872%3AS%3DALNI_MZtXMQXLTE6i1oguwhe4Lgi98hldw&gpic=UID%3D000008d436e5e7b2%3AT%3D1671124872%3ART%3D1671124872%3AS%3DALNI_MaCOUwIP-sq30dyFH-5qiYNzHXXnA&abxe=1&dt=1671124875306&lmt=1671048912&dlt=1671124871343&idt=1390&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1617610065.1671124872&ga_sid=1671124872&ga_hid=592695765&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0638cfd1490c7f9e1a405288da36350d213702a96be3a2bdf58c48c0dc4f2ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9942
x-xss-protection
0
google-lineitem-id
5633811505
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138341660352
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 5862 		799 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
88600b32d00fd4cdeb975a88bb1d5630d4e6ef3e4fec015423038f324ee5d56e

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
496
content-type
text/html
date
Thu, 15 Dec 2022 17:21:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
setuid
s2s.t13.io/ Frame 5862 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=0124dc18-79ab-422b-a8cc-1bb98ed63838
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 5862
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4472079285282843908&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4472079285282843908&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4472079285282843908&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 5862
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5tXigAEOaXcXAAF
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5tXigAEOaXcXAAF
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4550-YYZ
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671124876.511258,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5tXigAEOaXcXAAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ac3d3593-5098-e38b-f297-cd59f0da37fc
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5862 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/ac3d3593-5098-e38b-f297-cd59f0da37fc?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:5032:8a68:2087:27ba Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 5862
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=38fa53d7-c034-71c2-c340-dbac0f8dfab5&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttd_puid=38fa53d7-c034-71c2-c340-dbac0f8dfab5&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttd_puid=38fa53d7-c034-71c2-c340-dbac0f8dfab5&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&ttd_puid=38fa53d7-c034-71c2-c340-dbac0f8dfab5&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 5862 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTQ5NTgwMWQtMDk0My0yZjY2LWQ2YTAtODExNWM1NmYzNGQ1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5862
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE59UDmSqVLbWaLMhYwlYDg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE59UDmSqVLbWaLMhYwlYDg&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE59UDmSqVLbWaLMhYwlYDg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29883
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nefTACGhtmluTH%2BHOAV7PzEmadMSntzlKqxBye2bSeTCmq2NQR3x%2F90JGLeKCfCEyJD4wm6aCYlOMqJzRx3NF3HOPjjUZLJB%2FyKAOqpkvWaFM2zeu8G3F0njFXUQaVWAXk7lmmw59bB2eWlVONs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77a0dac9ae917151-YUL
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:17:52 GMT
content-encoding
gzip
age
72203
x-guploader-uploadid
ADPycduBdBocD_dFxPLxvKAKRoSAAvGsFlLjb_k4LovtAHnrmFMw460b57xCFhOa5r6NwkiaHKCZnXfzRW3shtO-6hgiHg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 14 Dec 2023 21:17:52 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
W1E659KX27Q5VG4H
age
1643
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77a0dac98d0a15cf-EWR
x-amz-id-2
S7ANwhhDGsgyYfwAyXbSvon1zKWpfTX4yz8u8BWPN/2Zz8YxDxepa3X+OTaACmm3JyFmAOU3K62n5s3CPdiPvQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		983 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:6800:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5a098542163dc535e0e3c4ed1bca8fcc8a13f0b827027385af73b8d3db5fa38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 01:20:14 GMT
Via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Dec 2022 01:20:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
Age
57662
ETag
"0e5a5daa4df15b9fd6c9195ac991749e"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
983
X-Amz-Cf-Id
qhvMD3dMcBq65I981w4B0iwNI8rkn_vcendzKefTMWKx-UtOZjCIsg==
view
securepubads.g.doubleclick.net/pcs/ Frame 50AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4McwMJIAENk6WLeRYM8i97tV5HO7XNlNL2V3WITlEhaYAwcfF02Vb6lbQkFBNZPwwkLsZU-TD2HXrJx7sqadU9vJsaQXyzZvG575H0GvtFu9EAETLaevKczU-RHTM_n8EiovIDTpb74-coXfV7s2cxegcVnxi2WDyHgOcPfeBvyRXSK0KWvqETV9qaYGRemYwSCO7ekVvuqfTPkibmyl_90tFpcsjjP6V5xdyqxJIN1sHeVMY_5iUuKbr1vXahESBZUXXVPJMRHaduKG1kYrhvWzIduOljDyBrgeBfB0KdXKiTTA8goO_0PMkEM0YfMFOFFCajGBM2EZgm2QtJXvArK8jli87c4Xs78TKt0-tqVorH4mDm0QfZQ&sai=AMfl-YTioBkssCrdVEjV5KthDw4qmNqlKRxgj8nejRsTCgb-cs07m7vCwHNTWYum3qMBm293phZhZj4CZmR5po2-_u6U-onzngUDQlnQpF8TM8eKZPR_CqEaeEJLwQBCEO-3ew&sig=Cg0ArKJSzDcmc-ZYS2MtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
prebid-universal-creative.js
a.pub.network/core/ Frame 50AD 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-universal-creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3136
x-guploader-uploadid
ADPycdtRCshQ67w4huezrJVfI-W0lVvFf-0lQx37Dye4fNfRy4QOBipuVBUkNSKVLdFFd34-TVkeeenLRcdw1YCJK2SxBw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 24 Aug 2022 14:40:55 GMT
server
cloudflare
etag
W/"da99e137f36f9c7c7241641a2ed29609"
vary
Accept-Encoding
x-goog-generation
1661352054877845
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ttmkPQ==, md5=2pnhN/NvnHxyQWQaLtKWCQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
29146
cf-ray
77a0dac99829ca53-YUL
expires
Fri, 16 Dec 2022 17:21:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 50AD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 17:21:15 GMT
increment
id5-sync.com/api/esp/ 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/ 		85 B
329 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8a8b8813e76f83897acebb2155a7c86b199a8dd39fa6a2c8d2d7e1508a9f2a38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Jm2/aWNdsxA7h433i9hkDEGMmc0"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
nmedianet.js
contextual.media.net/ Frame FB63 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUJN5H60
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c534dc28d4607cf8288d4b8728fe63449200c46acacc82dbb1c451b7413977f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-mnt-h
8-35
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 15 Dec 2022 17:21:15 GMT
server
Apache
etag
"9556a0263cb124873bf96b9e0fc2bbd0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-19
timing-allow-origin
*
expires
Thu, 15 Dec 2022 17:26:15 GMT
log
qsearch-a.akamaihd.net/ Frame FB63 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=bleepingcomputer_970x90_728x90_320x50_sticky&app_type=&bdr_typ=1&ogerpm=0.06&dn=bleepingcomputer.com&stid=bleepingcomputer_970x90_728x90_320x50_sticky&other_prv=294%2C4&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=da66b40f870344e89216db37aa17d505&req_id=a9d8e75d-c7f4-442e-b167-13757a564692&bidfp=0.0000&pvag_id=&ugd=4&zone=d&infl=&o_ver=NT+10.0&br_ver=108.0.5359.124&exp=&deal_id=&ver=9.1.2&totalTimeBucket=1&visibility=-1&fdbk_id=&second_bidder=294&totalTime=1264081&e_rpm=&dmm_m22=0.0500&gpid_format=&gdpr=&vsid=&seat=BID_API&rc=-1&size=970x90&f_seg=&prdp=&gpid_sent=false&ogerpm_used=false&cid=8CUJ8GUQF&bcrid=S0300080711068100970009099999900&ogcbdp=0.0600&dfpbd=&server=6&ogerpm_wd_bkt=0-1&viewability=0.79&rawbid=0.06&dmm_r=&dmm_l=&sub_bidder=128&tcyerpm=&sc=QC&send_erpm=false&pst=EMS&sd=&hb_exp=&pbshr=100.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-common-6c55845b5c-vkmf5.SC&adblk=&ugd_ver=&requrl=bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&itype=prebid&pvid_seat=4_BID_API&bidrestime=0&cc=CA&strg=smm_migration_test&ss=1600x1200&cliIP=0&advurl=https%3A%2F%2Fcontent.smartanswers.net&crid=664252065&time_stamp=2022-12-15+17%3A21%3A14&sat=1&rvshhon=&bdp=0.0600&br_id=265&ct=montreal&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.051&sc_pvid=4&capd=&algo=&other_bids=0.051%2C0.06&dc=east_sc
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.44.133.61 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-133-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:15 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 15 Dec 2022 17:21:15 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 50AD 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 15 Dec 2022 17:21:15 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=48376
access-control-allow-credentials
true
content-length
62892
expires
Fri, 16 Dec 2022 06:47:31 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=a9d8e75d-c7f4-442e-b167-13757a564692&cid=&crid=539363375&adunit_count=1&dn=www.bleepingcomputer.com&requrl=https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/&istop=true&event=client_bid_won&value=0.05&rd=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.44.133.61 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-133-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:15 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 15 Dec 2022 17:21:15 GMT
event
s2s.t13.io/ 		86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/event?t=win&b=bleepingcomputer_970x90_728x90_320x50_sticky_bid&a=d0cd3243-716f-4f9c-b074-f72637de26f3&p=0.05&w=970&h=90&d=bleepingcomputer.com&i=bleepingcomputer_970x90_728x90_320x50_sticky&aid=a9d8e75d-c7f4-442e-b167-13757a564692&ts=1671124874052&bidder=medianet&f=i&int=amp&pg=%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
expires
0
log
hblg.media.net/ Frame 50AD 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=da66b40f870344e89216db37aa17d505&bidrestime=1671124874139&cbdp=0.05&ogbdp=0.06&prvReqId=7819771927828_217373039_66425206541&pvid=4&scrid=S0300080711068100970009099999900&size=970x90&slotVisibility=-1&viewability=79&app=0&cc=CA&cid=8CUJ8GUQF&csip=rtb-common-6c55845b5c-vkmf5.SC&device_id=4&dn=bleepingcomputer.com&itype=PREBID&mang=1&requrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&dtc=east_sc&zone=d&commit_id=1224efef&ugd=4&ctr=-1.0&rme=adm&cpr=0.2653895847447223
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 15 Dec 2022 17:21:16 GMT
clog
hblg.media.net/ Frame 50AD 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5580&lper=1&itypeid=3&itype=PREBID&cc=CA&cid=8CUJ8GUQF&reqid=a9d8e75d-c7f4-442e-b167-13757a564692&vid=a9d8e75d-c7f4-442e-b167-13757a564692&dn=bleepingcomputer.com&rawDn=bleepingcomputer.com&pid=8PRL4E7N3&ugd=4&user_data_cnt=0&fleet=common&requrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&cliIPType=v4&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=QC&ct=montreal&pubid=pub-8CUJ8GUQF&tgtval=pub-8CUJ8GUQF&csip=rtb-common-6c55845b5c-vkmf5.SC&dtc=east_sc&zone=d&ptype=23&tmax=1001&xtmax=300&gdpr=0&app=0&sat=1&screeninfo=1600x1200&device_id=4&asn=16276&sckfl=0&usp_status=0&usp_enf=1&pexid=PREBID-d0cd3243-716f-4f9c-b074-f72637de26f3&geoll=false&is_ortb=true&s_city=New+York&commit_id=1224efef&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2022-12-14+00%3A00%3A00&pbasrc=-1&schain_cmpl=1&dummy_vsid=false&second_call=false&rtttime=52&pvid=4&prvAccId=863721386&prvApiId=8CUJN5H60&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=664252065&prspt=headerBid&prvReqId=7819771927828_217373039_66425206541&reqsize=970x90&size=970x90&chnl=smm_migration_test&bdp=0.060&cbdp=0.05&og_cbdp=0.060&ogbdp=0.06&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fcontent.smartanswers.net&dfpBd=0.05&dt=O&dbf=1&epc=863721386&s=1&snm=SUCCESS&pcrid=8CUJN5H60-863721386-51-4&tpbTkn=false&exid=31&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=79&slotVisibility=-1&adpos=0&iframingState=0&sbdrid=128&bdata=sd2%3Dnull%7Eiurl_l%3D20%7Eogerpm%3D0.06%7Esmm_bid%3D0.05%7Evis_sd%3D370%7Edc2%3D1%7Ebat%3D0%2C0%2C0%7Escd%3Dqc%7Ev_asn%3D16276%7Evl2r_sd%3D2022121511%7Eiurl_b%3D15992.32%7Eurl_tkc%3D0%7Estd%3Dbleepingcomputer_970x90_728x90_320x50_sticky%7EMP%3D.*computer.*security.*%7Elast%3D%7Evis_url_b%3D0.84%7Eip%3D2JquuV%7Efbb%3D0%7Evis_url_l%3D30%7Eriipua%3D0%2C0%7Eet%3D14%7Erc%3D2%2C847%7Erps_sd%3D2022121510%7Evis_b%3D906.75%7Eurl_b%3D0.06%7Evl2r_url_b%3D0%7Evl2r_url_vi%3D1E-16%7Eurl_tvi%3D0%7Esmm_wr%3D3.3181%7Eurl_l%3D20%7Egcat%3D500531%7Ebb%3D128%7Evv%3D0%7El2r_b%3D1000%7Eerpm%3D0.05%7Evl2r_url_kc%3D0E0%7Evl2r_up_l%3D0%7Ebm%3D1%7Esmm_sd%3D2022121503%7Esid%3D3bb06a337e029dc628e1b0dc094799f6%7Esd%3D0%7Euid%3D2IaGiqwOZOrWIkbjc9%7Ebtd%3D8212050184112283672333666597786397430619715252540436912729696550120607383938384236616617984%7Ekb_src%3Dkbb%7Ed2p_l%3D60%7E3pcf%3D1387.84%7Euim%3D0%7Evw_med%3D0.79%7Edmm_strg%3Dsmm_migration_test%7Evl2r_up_b%3D0%7Ed2p_b%3D0.91%7Eogd2p_b%3D0.91%7Evurl_b%3D0.11%7Ess%3D1600x1200%7Ekb_dl%3Den%7Euiw%3D-1%7Ece%3D0%7Erps_b%3D48.29%7Evurl_l%3D20%7ECI%3D2807%7Ents%3D1%7Ekb_ul%3Dn%2Fa%7Ekb_ccks%3D0%7EMP2%3D.*computer.*security.*%7Etb%3D-1%7Ect%3Dmontreal%7EisRef%3D0%7Eivurl_b%3D9.4%7EPF%3D0%7Eisif%3D0%7Elc%3D1%7Ebid%3D0.05%7Ekb_pt%3DNot+Processed%7Edc%3D7%7Evl2r_b%3D1.19%7Eivurl_l%3D20%7Esupply_tag_id%3Dbleepingcomputer_970x90_728x90_320x50_sticky%7Ecbdp%3D0.050%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Edtc%3Deast_sc%7Edalg%3Dsmm%7Ehtml%3D1%7Esobp%3D0.06%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.060%7Eac_type%3D1%7Eitype_id%3D3%7Eseller_tag_id%3Dbleepingcomputer_970x90_728x90_320x50_sticky%7EcarrierId%3D0%7Esmm_api%3Dv1%7Eibc%3D1%7Emxe%3Dged%7Emxbn%3DA2%7Ensz%3D1%7Etgs%3D970x90%7Ebsb%3D5%7Ebsp%3D0%7Etmx%3D242&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&mnrfc=-1&seat=BID_API&brsrclk=0&bidrestime=1671124874139&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.05&dmm_erpm=false&dmm_ogerpm=false&bcrid=S0300080711068100970009099999900&strg=smm_migration_test&stagid=bleepingcomputer_970x90_728x90_320x50_sticky&pgcatiab=IAB19-36&pgcatiab2=615&pgcatsprig=737&vls=0&scrid=S0300080711068100970009099999900&mang=1&pvdTmax=242&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&apTags%3C%3E=75&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CUJN5H60&mx_SPRIG=1&mx_bsBucket=5&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=5&mx_sid=8CUJ8GUQF&mx_SC=0&mx_lr_seg_deal=1&mx_aqcpl_crid=4&mx_nsz=1&mx_GCID=0&mx_g_uid_cvrg%3C%3E=ttdid%23%23CriteoId%23%23pubcid&mx_maq_call=false&mx_aurt=0&mx_divid=bleepingcomputer_970x90_728x90_320x50_sticky&mx_crsw_exp=ged&mx_tgs=970x90&mx_bsProfileRa=0&mx_IAB2=1&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=2&mx_crsw_bckt=A2&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=f364e2e9ad&acid=da66b40f870344e89216db37aa17d505&rtime=16.0&wsip=mowx-d4878d96b-ghhvl&ltime=40.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&impId=bleepingcomputer_970x90_728x90_320x50_sticky&reftime=15000&reftype=0&dsid=bleepingcomputer_970x90_728x90_320x50_sticky&mowxReqId=da66b40f870344e89216db37aa17d505_3&renderer=0&ifst=0&ifdp=0&media=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=-1.0&rfc=-1&dfpDiv=bleepingcomputer_970x90_728x90_320x50_sticky&viewability_vendor=MEDIA.NET+EXCHANGE&viewability_mnet=79&v_mkey=gen-vblt_prebid_test_2_1&v_mver=202212150215_gen-vblt_prebid_test_2&v_alg=gen-vblt_prebid_all&actltime=41&mp_seg%3C%3E=44635%23%2344632%23%2344648%23%2344629%23%2315613%23%2315610%23%2315626%23%2315607%23%2365932%23%2317212%23%237691%23%237688%23%237704%23%2317191%23%237685&debug_ts=2022-12-15+17%3A21%3A14&__expireat=1671125474393&mview=1&sc_pvid=294&sc_ogbdp=0.06&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=15.0&sc_prspt=headerBid&sc_bdp=0.060&sc_cbdp=0.051&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Frelated.icananswerthat.com&rme=adm&utime=1711&sf=0&cpr=0.08186524878598256
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
max-age=3600
date
Thu, 15 Dec 2022 17:21:16 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Thu, 15 Dec 2022 23:21:16 GMT
pixel
protected-by.clarium.io/ Frame 50AD 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL21lZGlhbmV0Ojk3MHg5MA==&v=5&s=v31gkbcruj8&id=eyJwcmViaWQiOnsiYWRJZCI6Ijc5OTAwZjgwODk5YjhjIiwiY3BtIjowLjA1LCJzIjoiYmxlZXBpbmdjb21wdXRlcl85NzB4OTBfNzI4eDkwXzMyMHg1MF9zdGlja3kiLCJzcmMiOiJzMnMifSwidHBfY3JpZCI6IlBCOm1lZGlhbmV0O1MwMzAwMDgwNzExMDY4MTAwOTcwMDA5MDk5OTk5OTAwIn0%3D&sb=undefined&cb=789910&h=www.bleepingcomputer.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwyMWxaR2xoYm1WME9qazNNSGc1TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbIm1lZGlhbmV0Il0sImhiX3NpemUiOlsiOTcweDkwIl19fSwid3IiOjB9
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.34.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-34-165.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:15 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 2BF8 		662 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
24e8c18a89152ca026c01970d6d7e1f1d6f2604f2b8e30c2d948e01a01885493

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
427
content-type
text/html
date
Thu, 15 Dec 2022 17:21:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d1eec3948a4661af20e8ae131554204fda646c7f71224f400869c3cde78bef4f

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
receive
pixel.tapad.com/idsync/ex/ Frame 2BF8 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=3e84202b-9b33-4c45-89a1-437a3c013bb9
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 2BF8 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=163ed05e-185e-4b8b-9067-1aa6982e0edc
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 2BF8
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=6d3c2cb1-0d73-47a2-9c39-5b5f36169b6d
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0041c8a1bd2c7edcf4174ea768159f66d348563be777e702237a1aafcec16cb3791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwMDQxYzhhMWJkMmM3ZWRjZjQxNzRlYTc2ODE1OWY2NmQzNDg1NjNiZTc3N2U3MDIyMzdhMWFhZmNlYzE2Y2IzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwMDQxYzhhMWJkMmM3ZWRjZjQxNzRlYTc2ODE1OWY2NmQzNDg1NjNiZTc3N2U3MDIyMzdhMWFhZmNlYzE2Y2IzNzkxNDI2YjU0MTdkY2UyMRAAGgwIjK_tnAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=fa3a5b65-32e4-40e6-8660-546177406ce9
42 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=fa3a5b65-32e4-40e6-8660-546177406ce9
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=fa3a5b65-32e4-40e6-8660-546177406ce9
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 2BF8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7964311275014384432
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7964311275014384432
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:15 GMT
AN-X-Request-Uuid
6f92e158-0ca0-489c-a173-a6e31c16f9ca
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7964311275014384432
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2BF8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=602c2faa-dc9e-ca38-034e-593b67be3155
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NGK263B1GH54H934FNCW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
smtr
contextual.media.net/ Frame FB63 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUJN5H60&cpcd=sd0Qycle7f9CBDq1l0zuZQ%3D%3D&crid=863721386&size=970x90&cc=CA&chnm=smm_migration_test&pid=8PO44IW71&tpid=TR615X7&https=1&vif=1&requrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&kwrf=https%3A%2F%2Fwww.bleepingcomputer.com&nse=5&vi=1671124875517388533&lw=1&ugd=4&adt1=8CUJ8GUQF&adt2=664252065&itid=3&bae=B4xBBgzNxN&bcpf=B4xBBgz8fOnRrolnfOur8NxN&bdrId=4&ntv=0&matchstring=hr%3D0&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=807110681&kapc=32&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8OverJk%7C%7C1ywjvz1%7C%7C77OvW&kata=aton&ekalog=cVvfiHf%7C%7CbVvfiH9%7C%7CPPVrvfV1U%2F-jb4wDqiVQxDc%7C%7C%3DVvfiHf%7C%7Cc0_rvFH9%7C%7C_TVrvF%7C%7CbVrvW%7C%7CqVrv9%7C%7C_0_rvhhiu9hAhW9AWfhF&pgid=p0194243871t202212151721&newfl=1&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT07vGobptWNeRVdl_KiS3fUUdsH9iFcBqw%3D%3D&allsc=QC
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c442e2f98ed7dca6f5f00e82c8e169a29266eaefa824fb2ba71e4ecb0616706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-lh44
timing-allow-origin
*
content-length
31116
expires
Thu, 15 Dec 2022 17:21:16 GMT
bping.php
lg3.media.net/ Frame FB63 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=687&&vgd_cdv=835&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CUJN5H60&crid=863721386&vi=1671124875517388533&ugd=4&lf=6&kwrf=https%3A%2F%2Fwww.bleepingcomputer.com&cc=CA&sc=QC&vsid=3141264741454978&wsip=2886781336&r=1671124876058&requrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1671124875104008076&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUJ8GUQF&vgd_hb_audit_2=664252065&vgd_pgid=p0194243871t202212151721&vgd_pgids=1&vgd_uspa=0&hvsid=00001671124876055025035145494478&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Thu, 15 Dec 2022 17:21:16 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=66844
Connection
keep-alive
Content-Length
15
checksync.php
contextual.media.net/ Frame F799 		37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af18bb79e0710f1bb33265bd1e64f483e4a2b6763227a9c143bb3fa94fd2ba41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12267
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 17:21:16 GMT
expires
Sat, 17 Dec 2022 17:21:16 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pubcid.php
hbx.media.net/ Frame F799 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:51:16 GMT
sync
gum.criteo.com/ Frame F799 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
378712
expires
60
usync.html
eus.rubiconproject.com/ Frame DA2C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 17:21:16 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 17:21:16 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame ADDF
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Drkt%26refUrl%3D%26vid%3D112487617331412647414549780...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=rkt&refUrl=&vid=11248761733141264741454978000V10&ovsid=979321829986624376
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=rkt&refUrl=&vid=11248761733141264741454978000V10&ovsid=979321829986624376
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Thu, 15 Dec 2022 17:21:16 GMT
expires
Thu, 15 Dec 2022 17:21:16 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 15 Dec 2022 17:21:16 GMT
Location
https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=rkt&refUrl=&vid=11248761733141264741454978000V10&ovsid=979321829986624376
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 90C9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.212.188 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-212-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33391
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 15 Dec 2022 17:21:16 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 02:37:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=3dd595903e1a08&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D314...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=con&refUrl=&vid=11248761733141264741454978000V10&ovsid=AAABt360ZG-XRgNgsYoHAAAAAAA&expiration=1671211276&is_secure=true
45 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=con&refUrl=&vid=11248761733141264741454978000V10&ovsid=AAABt360ZG-XRgNgsYoHAAAAAAA&expiration=1671211276&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=con&refUrl=&vid=11248761733141264741454978000V10&ovsid=AAABt360ZG-XRgNgsYoHAAAAAAA&expiration=1671211276&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame F799
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3141264741454978...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=opx&refUrl=&vid=11248761733141264741454978000V10&ovsid=f0d63a48-6b34-4b22-a00f-a5c2bd626869
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=opx&refUrl=&vid=11248761733141264741454978000V10&ovsid=f0d63a48-6b34-4b22-a00f-a5c2bd626869
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

date
Thu, 15 Dec 2022 17:21:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=9&vsid=3141264741454978000V10&type=opx&refUrl=&vid=11248761733141264741454978000V10&ovsid=f0d63a48-6b34-4b22-a00f-a5c2bd626869
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dmma%26refUrl%3D%26vid%3D112487617331412647414549...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=mma&refUrl=&vid=11248761733141264741454978000V10&ovsid=d81e639b-578b-4500-a081-9e458f2ab181
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=mma&refUrl=&vid=11248761733141264741454978000V10&ovsid=d81e639b-578b-4500-a081-9e458f2ab181
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

Date
Thu, 15 Dec 2022 17:21:16 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=mma&refUrl=&vid=11248761733141264741454978000V10&ovsid=d81e639b-578b-4500-a081-9e458f2ab181
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 17:21:15 GMT
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dr1%26refUrl%3D%26vid%3D11248761733141264741...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005&rndcb=4386996318
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&google_hm=ZTM0ZTdiYTgtNThlNC00YzBiLTk5MjUtY2E2MWZlN2Yx...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJe5nh2nkFF0ca44AD1edlA&google_cver=1&ssp=adconductor&bsw_param=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://sync.1rx.io/usersync/bidswitch/e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=r1&refUrl=&vid=11248761733141264741454978000V10&ovsid=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=r1&refUrl=&vid=11248761733141264741454978000V10&ovsid=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

Date
Thu, 15 Dec 2022 17:21:16 GMT
Server
Tengine
ETag
RX352cb321e52442759baaab4b8c3755b5005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=r1&refUrl=&vid=11248761733141264741454978000V10&ovsid=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Content-Type
text/html
Connection
keep-alive
cksync
cs.media.net/ Frame F799
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzE0MTI2NDc0MTQ1NDk3ODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEBI6JAyaOmRo2PMX8j_5mXk&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEBI6JAyaOmRo2PMX8j_5mXk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEBI6JAyaOmRo2PMX8j_5mXk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Ddxu%26refUrl%3D%26vid%3D11248761733141264741454...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Ddxu%26refUrl%3D%26vid%3D11248761733141264...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=dxu&refUrl=&vid=11248761733141264741454978000V10&ovsid=K1UoQABr1P5RV25
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=dxu&refUrl=&vid=11248761733141264741454978000V10&ovsid=K1UoQABr1P5RV25
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:16 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0173d6632898be3c6@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=dxu&refUrl=&vid=11248761733141264741454978000V10&ovsid=K1UoQABr1P5RV25
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=cce5e24a-5d13-42f7-8f58-3d699e8e9406
45 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=cce5e24a-5d13-42f7-8f58-3d699e8e9406
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=cce5e24a-5d13-42f7-8f58-3d699e8e9406
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2043710
content-length
0
expires
Thu, 15 Dec 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10596829190239181973&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=2ab77f41-7cd1-441d-b7c6-59ab82a4c385&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10596829190239181973&ssp=medianet&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214970604366011519287&ssp=medianet&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596829190239181973&ssp=medianet&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Thu, 15 Dec 2022 17:21:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dzem%26refUrl%3D%26vid%3D11248761733141264741454978...
  • https://stags.bluekai.com/site/23178?id=yH6YX6kHP9S5e3yY820t&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLZJA3FSWBWNNEFAOKTGVSTG6KZHAZDA...
  • https://contextual.media.net/cksync.php?cs=9&ovsid=yH6YX6kHP9S5e3yY820t&refUrl=&type=zem&vid=11248761733141264741454978000V10&vsid=3141264741454978000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&ovsid=yH6YX6kHP9S5e3yY820t&refUrl=&type=zem&vid=11248761733141264741454978000V10&vsid=3141264741454978000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:16 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=9&ovsid=yH6YX6kHP9S5e3yY820t&refUrl=&type=zem&vid=11248761733141264741454978000V10&vsid=3141264741454978000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3141264741454978000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3141264741454978000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=70b52a81-f73d-4423-80ab-e4b4c862aaa3&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=70b52a81-f73d-4423-80ab-e4b4c862aaa3&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=70b52a81-f73d-4423-80ab-e4b4c862aaa3&cs=1
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
710489.gif
id.rlcdn.com/ Frame F799 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame F799
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
log
c21lg-d.media.net/ Frame F799 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=36ced47c-4681-44c5-8e88-492a4f29d307&cs=15&vsid=3141264741454978000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 15 Dec 2022 17:21:16 GMT
content-length
35
content-type
image/gif
bql.php
lg3.media.net/ Frame CE0A 		15 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6474&&&vgd_l2type=scs_newfl&fp=swwbhrdvmBluHtJwqatH7DbHrEODrqvUWgFs2f9FO-lDEw_HqKli9sl6v-20VJIqxzEUwYGsj8w9e6oCgtvIjpYaZ_a7ua5s1fTVJLcRY6vi_rIipA0ZxjJ_7Nwr5PRxsaQf7Kdol6A%3D&cme=cdf4c2LCbdgeJPO9HvByXoF45e18A-EBAKmync6vLL_LK1ssdVdV4h7vPb8I2wRwrJgfqfbfS26FS74UPaYN6da9E2Qpd8eQjT0oYmoXwJAVukblZGjOhLV0PDzeUe-mB5lZJp88ACd9JP_2YTtcWS6c98-oMJfLdSyxvuon9IR1FmVwdRTnCzqkEF-ESmElgcaUYGY5Z6dr_JbjNDtN-RmhgKIvD8-gYdd3EhaGIV0nF8Y9F2z5WBgOyvBx7Dzrr_TqfpgvpA-L-7E17DBzqblYPy-xSU9UWA_4H73WVFY-D7yZJQxMOw%3D%3D%7C%7Cu8A6SM53vAfaQjZs4_BhVa0vlYcK5wuf%7CC_NcdaVhzolsa5HgEbC9_IQ1Y67RAVgq%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7CEVkNJxBRqoP_J0F3KfbFrCA2YLiukW1jkP-l_HUIAFEPkV_wjKlgX8w-ERobzk58eQes8CXiTYQlrqDEO2uz4lyzmrzQk9q4IfDdyfJz-73ek-KZ-_FFnUvn0SMsKepc%7Cxrl5Md8q4--ak7-wv91iACsyPTYzlqzS3-gZHnz02sSPE7vJLw7fi-lkUtCNE1lX%7CLH1dTwCq5qB6GahnxcsXb8rdzOJhysRckKfsHui6lomn9yX32aatLse_L0xKmeSeDy3amhxCGEMeYOR3K3uKqQOsBaRq34H9BhoelA1McBdhoYPchi79980mXXaiYzbM72brK0AEI1d-WtHZz-8sHCRXDaGLuFffls3Pc80m2CvyyA-zsitZUdlNr04sUUemM4N0MSVngTAkPD3nEJZYJu6aJLLZspgieyW7wU5S8OR3xGd8mMer1clijkz0bz1k%7C&ksu=224&fdkt=453&vgde_kbbh=ffoyxQJuO&kwd[]=Downloads+for+Windows&kwt[]=453&kbc[]=1261624125&kwp[]=1&kid[]=8857422&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D0.39%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D0.39%7C2%3D3.42%7Cps%3D1.350%7C3%3D0.17%7C4%3D4.00&ktd[]=274911592704&ktrkt[]=Downloads+for+Windows&kwd[]=Window+10+Software&kwt[]=453&kbc[]=1261624125&kwp[]=2&kid[]=329806942&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D0.89%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D0.86%7C2%3D3.87%7Cps%3D1.350%7C3%3D0.32%7C4%3D2.52&ktd[]=274894815488&ktrkt[]=Window+10+Software&kwd[]=Buy+Microsoft+Windows+11&kwt[]=453&kbc[]=1261624125&kwp[]=3&kid[]=351068000&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D1.05%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D1.04%7C2%3D4.61%7Cps%3D1.350%7C3%3D0.42%7C4%3D1.47&ktd[]=824650629376&ktrkt[]=Buy+Microsoft+Windows+11&kwd[]=2022+Home+Window+Replacement+Cost&kwt[]=439&kbc[]=1261624125&kwp[]=4&kid[]=350751337&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D1.40%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D0.91%7C2%3D2.39%7Cps%3D1.063%7C3%3D0.87%7C4%3D2.20&ktd[]=282299627340032&ktrkt[]=2022+Home+Window+Replacement+Cost&kwd[]=Upgrade+to+Windows+10&kwt[]=439&kbc[]=1261624125&kwp[]=5&kid[]=324607107&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D0.75%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D0.75%7C2%3D3.92%7Cps%3D1.063%7C3%3D0.10%7C4%3D1.47&ktd[]=281749888303360&ktrkt[]=Upgrade+to+Windows+10&kwd[]=Windows+Operating+System&kwt[]=453&kbc[]=1261624125&kwp[]=6&kid[]=30902075&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.73%7C60%3D1.16%7C62%3D0.25%7C63%3D0.10%7C10%3D2.49%7C12%3D0.66%7C1%3D1.15%7C2%3D4.82%7Cps%3D1.350%7C3%3D0.04%7C4%3D1.17&ktd[]=274894815488&ktrkt[]=Windows+Operating+System&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=15040&hint=&cc=CA&wsip=170774658&bca=0&ugd=4&vgde_setid=Nff&cid=8CUJN5H60&vi=1671124875517388533&vsid=3141264741454978&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_implt=3&vgd_cage=0&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUJ8GUQF&vgd_hb_audit_2=664252065&vgd_refdomain=bleepingcomputer.com&vgd_katid=807110681&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3DvDef%7C%7Caghl%3Dna%7C%7Cttd%3D8&vgd_kalog=MI%3D2942%7C%7CSI%3D2940%7C%7CUUID%3D2IakVxlSEhRH9IsuRM%7C%7CCI%3D2942%7C%7CMPTD%3D640%7C%7CTLID%3D6%7C%7CSID%3D8%7C%7CHID%3D0%7C%7CTPTD%3D779107378038276&vgd_pdtid=1&vgd_nrrv=4901&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=montreal&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1671124875104008076&sttm=1671124876055&upk=1671124876.2860&hvsid=00001671124876055025035145494478&verid=3111299&vgd_matchstr=hr%3D0&sbdrId=128&vgd_vsidtv=000V10&vgd_ecrid=S0300080711068100970009099999900&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO44IW71&&abpl=2&&kbbq=%26asn%3D16276&&vgd_vstrid=3141264741454978&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9F~QYYMG8Ov9.9X~e8QMQOvAh9~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ffufuXuu~8xLjMGvuXiif.Af~xLjM7UNv9~Q7OvGjJJE8zyNmYEx7JLMih9-i9MhfW-i9MAf9-X9MQ78NU5~c0v.*NmYEx7JL.*QJNxL875.*~j1Q7v~e8QMxLjMGv9.WH~8Evf6%20xx%2F~kGGv9~e8QMxLjMjvA9~L88Ex1v9%2C9~J7vuH~LNvf%2CWHh~LEQMQOvf9ffufuXu9~e8QMGvi9F.hX~xLjMGv9.9F~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvA.AuWu~xLjMjvf9~yN17vX99XAu~GGvufW~eev9~jfLMGvu999~JLEYv9.9X~ejfLMxLjMUNv949~ejfLMxEMjv9~GYvu~QYYMQOvf9ffufuX9A~Q8OvAGG9F1AAhJ9fiONFfWJuG9ON9iHhiikF~QOv9~x8OvfV1Z8%20Ba2aLpVUGdNi~G7OvWfuf9X9uWHuuffWAFhfAAAFFFXihhWFAihHA9FuihuXfXfXH9HAFiufhfiFiFXX9uf9F9hAWAiAWAWHfAFFuFFuhiWH~UGMQLNvUGG~OfEMjvF9~AENkvuAWh.WH~x8Yv9~eBMYJOv9.hi~OYYMQ7LyvQYYMY8yL178mzM7JQ7~ejfLMxEMGv9~OfEMGv9.iu~myOfEMGv9.iu~exLjMGv9.uu~QQvuF99-uf99~UGMOjvJz~x8Bvou~NJv9~LEQMGvHW.fi~exLjMjvf9~%3DVvfW9h~z7Qvu~UGMxjvzS1~UGMNNUQv9~c0fv.*NmYEx7JL.*QJNxL875.*~7Gvou~N7vYmz7LJ1j~8QDJkv9~8exLjMGvi.H~0sv9~8Q8kv9~jNvu~G8Ov9.9X~UGME7vIm7n0LmNJQQJO~ONvh~ejfLMGvu.ui~8exLjMjvf9~QxEEj5M71yM8OvGjJJE8zyNmYEx7JLMih9-i9MhfW-i9MAf9-X9MQ78NU5~NGOEv9.9X9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov~O7NvJ1Q7MQN~O1jyvQYY~w7Yjvu~QmGEv9.9F~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9F9~1NM75EJvu~875EJM8OvA~QJjjJLM71yM8OvGjJJE8zyNmYEx7JLMih9-i9MhfW-i9MAf9-X9MQ78NU5~N1LL8JLVOv9~QYYM1E8veu~8GNvu~Y-JvyJO~Y-GzvKf~zQlvu~7yQvih9-i9~GQGvX~GQEv9~7Y-vfHf&vgd_optout=0&vgd_bhv_kbb=-1&vgd_cfud=220406&vgd_scsver=373&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001671124876055025035145494478&subBdr=128&bdrid=4&rc=0&rand=1671124876318&acid=da66b40f870344e89216db37aa17d505&matm=1671124876319&requrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&vgd_ren_page_h=1200&vgd_ltimesrc=1&vgd_ltime=477&vgd_rtime=452&vgd_etm=9&vgd_l1hcsd=A35%7C8266&vgd_l1ch=1&vgd_lhl=3181&vgd_pgid=p0194243871t202212151721&vgd_adprefflag=11&vgd_adpref_diff=100&vgd_csip=rtb-common-6c55845b5c-vkmf5.SC&vgd_sbSup=1&vgd_vsidv=10&vgd_nrrs=4901&vgd_cntrdt=SL%7CDIV-rc_bleepingcomputer_970x90_728x90_320x50_sticky%7CDIV&vgd_crefurl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Thu, 15 Dec 2022 17:21:16 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64420
Connection
keep-alive
Content-Length
15
usync.js
eus.rubiconproject.com/ Frame DA2C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 06:25:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=47127
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 06:26:43 GMT
cksync.php
contextual.media.net/ Frame DA2C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LBPCLP5R-B-JTJD
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBPCLP5R-B-JTJD
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBPCLP5R-B-JTJD
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:16 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBPCLP5R-B-JTJD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
sync
eb2.3lift.com/ Frame D937 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
5c4526dcd1d64d4570ed72cbf1380888aa0bfcd5272a352318e0748d22caa207

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:16 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 386C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.212.188 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-212-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33391
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 15 Dec 2022 17:21:16 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 02:37:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 5206
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
24aa0fff69f6e202047376b1f950901a7fd7297a268ea24d5314968ddbff7535

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1392
content-type
text/html
date
Thu, 15 Dec 2022 17:21:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 15 Dec 2022 17:21:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C995 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.212.188 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-212-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33391
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 15 Dec 2022 17:21:16 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 02:37:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 5E9F 		681 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f273910174b829a9c1fd1cb223276b9cbeaeefb6dc5b981231a01a9758ed426c

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
393
content-type
text/html
date
Thu, 15 Dec 2022 17:21:16 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
de.tynt.com/deb/ Frame 886F
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
24aa0fff69f6e202047376b1f950901a7fd7297a268ea24d5314968ddbff7535

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1392
content-type
text/html
date
Thu, 15 Dec 2022 17:21:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 15 Dec 2022 17:21:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pbcas
ads.yieldmo.com/ Frame EF84 		710 B
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
0cfabc39e137f99930afb1dd35596fb134c403e208166f8dc548001b65b7f3be

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 15 Dec 2022 17:21:16 GMT
pragma
no-cache
vary
accept-encoding
sync
eb2.3lift.com/ Frame 982B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
5c4526dcd1d64d4570ed72cbf1380888aa0bfcd5272a352318e0748d22caa207

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:16 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 58A4 		681 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f273910174b829a9c1fd1cb223276b9cbeaeefb6dc5b981231a01a9758ed426c

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
393
content-type
text/html
date
Thu, 15 Dec 2022 17:21:16 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pbcas
ads.yieldmo.com/ Frame 9433 		725 B
687 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
6bddfcfbf6c212c61d6ac6d1074151046bccba72dba9640a7361cca967c1166a

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 15 Dec 2022 17:21:16 GMT
pragma
no-cache
vary
accept-encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d81e639b-578b-4500-a081-9e458f2ab181
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&bidswitch_ssp_id=sonobi
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=720627579153&expires=30&user_group=1&ssp=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=92e0ecff80&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&pubid=92e0ecff80
0
0
709996.gif
id.rlcdn.com/ Frame 5E9F 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 5E9F
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=27746732-924e-4d8c-b5d5-40edebbff484&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:101de48b60829634dbd0d07f76ec7a63
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:101de48b60829634dbd0d07f76ec7a63
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 17:21:16 GMT
server
Aorta/20221212.e40ee77a0
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:101de48b60829634dbd0d07f76ec7a63
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
bb979e102af9
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 5E9F
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=56zZ62myyOwlNJcb3JTADw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
db0k3ejrbrmr31cmbcrvhksbirhue9cq

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5E9F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=d81e639b-578b-4500-a081-9e458f2ab181
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=d81e639b-578b-4500-a081-9e458f2ab181
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 17:21:16 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x57 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=d81e639b-578b-4500-a081-9e458f2ab181
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 17:21:15 GMT
sd
us-u.openx.net/w/1.0/ Frame 5E9F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=c3893cfe-5f67-4d61-ae6e-4a9508f002a3
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=c3893cfe-5f67-4d61-ae6e-4a9508f002a3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=c3893cfe-5f67-4d61-ae6e-4a9508f002a3
Date
Thu, 15 Dec 2022 17:21:16 GMT
Connection
keep-alive
X-CI-RTID
51773df0-2e14-4a02-acce-ae762e942ab6
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 5E9F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
709996.gif
id.rlcdn.com/ Frame 58A4 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 58A4
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=27746732-924e-4d8c-b5d5-40edebbff484&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:101de48b60829634dbd0d07f76ec7a63
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:101de48b60829634dbd0d07f76ec7a63
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 17:21:16 GMT
server
Aorta/20221212.e40ee77a0
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:101de48b60829634dbd0d07f76ec7a63
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
069f0d3036ab
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 58A4
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=56zZ62myyOwlNJcb3JTADw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
9lccpet7q8h2t00tjhot2f4omhim8f7a

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 58A4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=d81e639b-578b-4500-a081-9e458f2ab181
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=d81e639b-578b-4500-a081-9e458f2ab181
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 17:21:16 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=d81e639b-578b-4500-a081-9e458f2ab181
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 17:21:15 GMT
sd
us-u.openx.net/w/1.0/ Frame 58A4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=e0578d97-aac0-45d4-b198-18ce905818cf
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=e0578d97-aac0-45d4-b198-18ce905818cf
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=e0578d97-aac0-45d4-b198-18ce905818cf
Date
Thu, 15 Dec 2022 17:21:16 GMT
Connection
keep-alive
X-CI-RTID
9af395d8-146e-4a40-9bd4-0baefd2cfc35
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 58A4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame 982B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 982B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 982B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJ-Yd0t2aYEGwQq-XOzomdI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJ-Yd0t2aYEGwQq-XOzomdI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJ-Yd0t2aYEGwQq-XOzomdI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 982B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 982B
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2442628202676436868836&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2442628202676436868836&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=115666fb-82fb-42e1-bc66-f6da17969ae6&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=115666fb-82fb-42e1-bc66-f6da17969ae6&_noobservation=1&_expected_cookie=59d2461...
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=115666fb-82fb-42e1-bc66-f6da17969ae6&_noobservation=1&_expected_cookie=59d246103b611e8385e598b12ecced63
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 15 Dec 2022 17:21:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77a0dad1ac6053e3-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=115666fb-82fb-42e1-bc66-f6da17969ae6&_noobservation=1&_expected_cookie=59d246103b611e8385e598b12ecced63
date
Thu, 15 Dec 2022 17:21:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77a0dad13bba53e3-YYZ
content-length
0
xuid
eb2.3lift.com/ Frame 982B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2442628202676436868836&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=70b52a81-f73d-4423-80ab-e4b4c862aaa3&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 15 Dec 2022 17:21:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 982B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2442628202676436868836?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-3kH87L1E2oQosw.2AoS1tVCowVcMtTE1OEQHjOtSNw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-3kH87L1E2oQosw.2AoS1tVCowVcMtTE1OEQHjOtSNw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 15 Dec 2022 17:21:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-3kH87L1E2oQosw.2AoS1tVCowVcMtTE1OEQHjOtSNw--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 982B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2442628202676436868836
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 982B 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2442628202676436868836&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
last-modified
Tue, 13 Dec 2022 22:44:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A78F4EA9B34A4BA398C749BF0D019DE5 Ref B: YTO01EDGE0714 Ref C: 2022-12-15T17:21:16Z
etag
"8723e58344fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 982B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7964311275014384432&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7964311275014384432&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:16 GMT
AN-X-Request-Uuid
5d4b5e64-cc99-46f4-b53c-38745dc8de53
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7964311275014384432&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame D937
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame D937
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D937
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJ-Yd0t2aYEGwQq-XOzomdI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJ-Yd0t2aYEGwQq-XOzomdI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJ-Yd0t2aYEGwQq-XOzomdI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D937
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ0MjYyODIwMjY3NjQzNjg2ODgzNg%3D%3D
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame D937
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2442628202676436868836&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2442628202676436868836&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e0840ca-4a03-44f3-ae4e-23857a7127f3&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e0840ca-4a03-44f3-ae4e-23857a7127f3&_noobservation=1&_expected_cookie=c223bdc...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e0840ca-4a03-44f3-ae4e-23857a7127f3&_noobservation=1&_expected_cookie=c223bdc3182b4bca4ef9bf1b78f79b27
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 15 Dec 2022 17:21:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77a0dad18c4853e3-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6e0840ca-4a03-44f3-ae4e-23857a7127f3&_noobservation=1&_expected_cookie=c223bdc3182b4bca4ef9bf1b78f79b27
date
Thu, 15 Dec 2022 17:21:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77a0dad13bbe53e3-YYZ
content-length
0
xuid
eb2.3lift.com/ Frame D937
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2442628202676436868836&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=60d3b747e3bc44ab8f867eb77ed38cf1&ssp=triplelift&bsw_param=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Thu, 15 Dec 2022 17:21:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame D937
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2442628202676436868836?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-3kH87L1E2oQosw.2AoS1tVCowVcMtTE1OEQHjOtSNw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-3kH87L1E2oQosw.2AoS1tVCowVcMtTE1OEQHjOtSNw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 15 Dec 2022 17:21:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-3kH87L1E2oQosw.2AoS1tVCowVcMtTE1OEQHjOtSNw--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame D937 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2442628202676436868836
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame D937 		42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2442628202676436868836&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
last-modified
Tue, 13 Dec 2022 22:44:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 95A8BCA0085240B2A7FCDE272F2D18C7 Ref B: YTO01EDGE0714 Ref C: 2022-12-15T17:21:16Z
etag
"8723e58344fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame D937
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7964311275014384432&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7964311275014384432&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:16 GMT
AN-X-Request-Uuid
ea6f988b-1241-4f1b-90ea-ba2db15bfb86
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7964311275014384432&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 9433
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LBPCLP5R-B-JTJD
43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LBPCLP5R-B-JTJD
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LBPCLP5R-B-JTJD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9433 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzZiNjc4MzEyYzhjNDIxNjFjYjk=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync-adform.ads.yieldmo.com/ Frame 9433
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1283
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1283
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=7018216432214041642
43 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=7018216432214041642
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.205.97.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-97-218.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:17 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=7018216432214041642
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ads.yieldmo.com/v000/ Frame 9433
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=70b52a81-f73d-4423-80ab-e4b4c862aaa3&gdpr=&gdpr_pd=&gdpr_consent=
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=70b52a81-f73d-4423-80ab-e4b4c862aaa3&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=70b52a81-f73d-4423-80ab-e4b4c862aaa3&gdpr=&gdpr_pd=&gdpr_consent=
date
Thu, 15 Dec 2022 17:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.yieldmo.com/v000/ Frame 9433
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g6b678312c8c42161cb9
  • https://ads.yieldmo.com/v000/sync?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/ Frame EF84
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=b79aaf513591a18&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAJP416tApWaQN2rc1NAAAAAAA&expiration=1671211276&is_secure=true
43 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAJP416tApWaQN2rc1NAAAAAAA&expiration=1671211276&is_secure=true
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAJP416tApWaQN2rc1NAAAAAAA&expiration=1671211276&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/ Frame EF84
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=b1JTdUEjRwBUzqRKsovRkJU4mbU&gdpr=&gdpr_consent=
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=b1JTdUEjRwBUzqRKsovRkJU4mbU&gdpr=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=b1JTdUEjRwBUzqRKsovRkJU4mbU&gdpr=&gdpr_consent=
Date
Thu, 15 Dec 2022 17:21:16 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
sync
ads.yieldmo.com/ Frame EF84
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LBPCLP5R-B-JTJD
43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LBPCLP5R-B-JTJD
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LBPCLP5R-B-JTJD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
sync
sync-adform.ads.yieldmo.com/ Frame EF84
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1283
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1283
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5629475560403883698
43 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5629475560403883698
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.205.97.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-97-218.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:17 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5629475560403883698
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ads.yieldmo.com/v000/ Frame EF84
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g6b678312c8c42161cb9
  • https://ads.yieldmo.com/v000/sync?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
50.16.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-138-112.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
view
securepubads.g.doubleclick.net/pcs/ Frame 50AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhtec6rclITIgXp6D73W1-h08ElCNBQm37GVAMYAGedhsjmSkNe0iRkjemfrD4JyqvFUA0nPPmVepYlRhhxc4xMN0YTYlEkrz6blSnST6erIkPNowxC8jU6NrV8kBTIYQ6zavN2ff5ZnTPmEbZ0jAMEBc4ISC7clJUjwWSOxYZTUDMWTIWEPPp4PCdfzJfZtMH18aSm_07vbRA01x6-MffuVRH4ec1nTsf8P_UGcs1b6CSDvQ6XuuEHt-0atAirIMErQebufPNANObsrUimYgZ_jS4wXSmIrrrD0mzpGmHpifVShHLQkZu8x4zUUCu2e9ks6ztkKpTVP10D7rL6oZb2Ja-CXaFGRFu36naFcRP43PfDA1eZ4IZr5e4&sai=AMfl-YT2Hz05eLAUj_SA3qKQcq6LsFuka-6ANHIKroctzfM4obaf28GaTY-eYk3N9ArWJIgcKYLXF7Qd0cS6X6apwsrdg0ax85oxVH-cbU1K_ispxnugnRoeMUJ9bFC0ztYDnA&sig=Cg0ArKJSzBAtYtvnb-j7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 17:21:16 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame EC2F 		0
0
usync.html
eus.rubiconproject.com/ Frame E24A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 17:21:17 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 17:21:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 5206
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=b160d375-a634-45ce-ad00-00f165957bf5&expires=3&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5206
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1671124876922.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=d81e639b-578b-4500-a081-9e458f2ab181
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=d81e639b-578b-4500-a081-9e458f2ab181
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 15 Dec 2022 17:21:17 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x24 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=d81e639b-578b-4500-a081-9e458f2ab181
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 17:21:16 GMT
match
events-ssc.33across.com/ Frame 5206
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW%7EA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW%7EA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW%7EA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5206
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=1333f4f0fed204b0&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJRTyru4_yfgMyJwO5AAAAAAA&expiration=1671211277&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJRTyru4_yfgMyJwO5AAAAAAA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJRTyru4_yfgMyJwO5AAAAAAA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJRTyru4_yfgMyJwO5AAAAAAA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5206
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2442628202676436868836
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2442628202676436868836&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2442628202676436868836&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2442628202676436868836&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 0E09
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 17:21:17 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 17:21:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 886F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 886F
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1671124876922.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=d81e639b-578b-4500-a081-9e458f2ab181
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=d81e639b-578b-4500-a081-9e458f2ab181
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 15 Dec 2022 17:21:17 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x53 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=d81e639b-578b-4500-a081-9e458f2ab181
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 17:21:16 GMT
match
events-ssc.33across.com/ Frame 886F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW%7EA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW%7EA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-7z6dFwZE2uHDy_.DsaJRZhhjX6y6arTW%7EA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 886F
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=17aba3867e981a18&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAJP416tApWcQNV4eygAAAAAAA&expiration=1671211277&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP416tApWcQNV4eygAAAAAAA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP416tApWcQNV4eygAAAAAAA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAJP416tApWcQNV4eygAAAAAAA&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 886F
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2442628202676436868836
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2442628202676436868836&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2442628202676436868836&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2442628202676436868836&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 0E09 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 06:25:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=47126
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 06:26:43 GMT
usync.js
eus.rubiconproject.com/ Frame E24A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 06:25:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=47126
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 06:26:43 GMT
match
events-ssc.33across.com/ Frame 0E09
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LBPCLP5R-B-JTJD
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LBPCLP5R-B-JTJD
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBPCLP5R-B-JTJD&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBPCLP5R-B-JTJD&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:16 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBPCLP5R-B-JTJD&ts=1671124877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
demand-source
d.pub.network/ 		61 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
af974f38b8332d4bb28679f174b399bf227f85c67bbe29b7408c9d4333909f85

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 17:21:18 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 15 Dec 2022 17:21:17 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame 58AC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59627202&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
010b1df33a297efc3df1d8cfd8998199b970b9fb7e614cbba10ec0e769e977f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 17:21:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame E8D7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFdl9FN0hOcThBQUNBUUJXMXZRQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEv_E7HNq8AACAQBW1vQA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_pa...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEv_E7HNq8AACAQBW1vQA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dp...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEv_E7HNq8AACAQBW1vQA&pid=558502&do=add&gdpr=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 17:21:18 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEv_E7HNq8AACAQBW1vQA&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0342
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7964311275014384432&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7964311275014384432&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
d6f6259f-cd67-4d04-b56c-8741cc836c97
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 17:21:18 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7964311275014384432&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8771
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 17:21:18 GMT
expires
Thu, 15 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1828095
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
141
match.deepintent.com/usersync/ Frame 4B0A 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 15 Dec 2022 17:21:18 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
image2.pubmatic.com/AdServer/ Frame 3D92
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 15 Dec 2022 17:21:18 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
csync
sync.spotim.market/ Frame C659 		0
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=BF66B2B7-10A4-4A33-8409-E018E75178B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 17:21:17 GMT
Etag
d28f18fbdf67107a
Server
Adtelligent
qmap
sync.crwdcntrl.net/ Frame 58AC 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.208.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-208-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.103
content-length
49
expires
0
/
io.narrative.io/ Frame 58AC
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:BF66B2B7-10A4-4A33-8409-E018E75178B2
  • https://io.narrative.io/?io.narrative.guid.v2=e3006630-7c9c-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:BF66B2B7-10A4-4A33-8409-E018E75178B2
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=e3006630-7c9c-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:BF66B2B7-10A4-4A33-8409-E018E75178B2
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Server
52.1.215.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-215-83.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:21:18 GMT
Cache-Control
no-cache
Server
nginx/1.22.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=e3006630-7c9c-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:BF66B2B7-10A4-4A33-8409-E018E75178B2
Date
Thu, 15 Dec 2022 17:21:18 GMT
Server
nginx/1.22.0
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame 58AC 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=BF66B2B7-10A4-4A33-8409-E018E75178B2
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-63.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:18 GMT
via
1.1 fdc88b576635a6d1858343ad162c44fc.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
G73f00EVtcu_c0cuKiGBTA6Tdu1Gp98lauLB9EG9MuIFrMoxf-Kx9Q==
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 58AC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BF66B2B7-10A4-4A33-8409-E018E75178B2&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BF66B2B7-10A4-4A33-8409-E018E75178B2&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BF66B2B7-10A4-4A33-8409-E018E75178B2&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:18 GMT
Frontend-ID
5
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:18 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=BF66B2B7-10A4-4A33-8409-E018E75178B2&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 58AC
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=d9931da61201a18&is_secure=true&networkId=17100&version=1&nuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJP416tApWrwM8Ju9PAAAAAAA&expiration=1671211278&nuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJP416tApWrwM8Ju9PAAAAAAA&expiration=1671211278&nuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:18 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJP416tApWrwM8Ju9PAAAAAAA&expiration=1671211278&nuid=BF66B2B7-10A4-4A33-8409-E018E75178B2&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 58AC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e0578d97-aac0-45d4-b198-18ce905818cf&gdpr=0&gdpr_consent=
1 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e0578d97-aac0-45d4-b198-18ce905818cf&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e0578d97-aac0-45d4-b198-18ce905818cf&gdpr=0&gdpr_consent=
Date
Thu, 15 Dec 2022 17:21:18 GMT
Connection
keep-alive
X-CI-RTID
a5c8188c-2df9-481e-8070-ae684a5938e4
Content-Length
205
Content-Type
text/html; charset=utf-8
sn.ashx
pmp.mxptint.net/ Frame 58AC
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_FAF1B0EA_412DE822&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Server
4.78.226.233 Paradise, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-354111678; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:17 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-354111678; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 15 Dec 2022 17:21:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 58AC 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.184.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-184-190.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 58AC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e169edb1-0c72-4ee2-b822-3b2af19d8487&ssp=pubmatic&expires=30&user_group=5&bsw_param=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 15 Dec 2022 17:21:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 90C9 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94556494&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c040e6ed7600ec19f251b202d5c74d640443ab8ea79e003acbf913fb1f87fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 17:21:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame A0A7 		35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 15 Dec 2022 17:21:19 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 599D
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e39fbfc8-7c9c-11ed-906a-20af8fa26946
42 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e39fbfc8-7c9c-11ed-906a-20af8fa26946
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 15 Dec 2022 17:21:19 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e39fbfc8-7c9c-11ed-906a-20af8fa26946
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-8
Pug
simage2.pubmatic.com/AdServer/ Frame 1DF6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=b1JTdUEjRwBUzqRKsovRkJU4mbU
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=b1JTdUEjRwBUzqRKsovRkJU4mbU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 17:21:19 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=b1JTdUEjRwBUzqRKsovRkJU4mbU
i.match
s.tribalfusion.com/z/ Frame 7238
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77a0dae10fe3714b-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77a0dae02e32714b-YUL
content-type
text/html
date
Thu, 15 Dec 2022 17:21:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
352
Pug
simage2.pubmatic.com/AdServer/ Frame F50C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K1UoQABr1P5RV25&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K1UoQABr1P5RV25&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 17:21:19 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:K1UoQABr1P5RV25&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-03ff547ea4beba57e@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame AD53
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720627700828
42 B
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720627700828
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720627700828
Pug
simage2.pubmatic.com/AdServer/ Frame 3898
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7993971252
  • https://sync.1rx.io/usersync3/centro/1508/dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341?zcc=0&sspret=1&rndcb=7993971252
  • https://sync.targeting.unrulymedia.com/csync/RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 15 Dec 2022 17:21:19 GMT
ETag
RX352cb321e52442759baaab4b8c3755b5005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 3350
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SMPY43EtM
42 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SMPY43EtM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SMPY43EtM
vary
Origin
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 67D7
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 15 Dec 2022 17:21:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 2829
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=059346aa-93af-44dc-9883-105562a251ce&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BF66B2B7-10A4-4A33-8409-E018E75178B2
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BF66B2B7-10A4-4A33-8409-E018E75178B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.205.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-205-56.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 15 Dec 2022 17:21:19 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 15 Dec 2022 17:21:18 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BF66B2B7-10A4-4A33-8409-E018E75178B2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame CF00
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7244112822114767911&uid=Q724411282211476...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244112822114767911
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244112822114767911
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=71434
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 15 Dec 2022 17:21:27 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244112822114767911
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
image2.pubmatic.com/AdServer/ Frame E0D3
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vnFER7iXAMyEWLklj1ebYw
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vnFER7iXAMyEWLklj1ebYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=vnFER7iXAMyEWLklj1ebYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame D819 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 15 Dec 2022 17:21:19 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cm
ipac.ctnsnet.com/int/ Frame 6C7B 		43 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 15 Dec 2022 17:21:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame C2AF
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=fd1ea09c-a0e6-4862-8559-e03c0d6660a2
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=fd1ea09c-a0e6-4862-8559-e03c0d6660a2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 15 Dec 2022 17:21:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=fd1ea09c-a0e6-4862-8559-e03c0d6660a2
strict-transport-security
max-age=15724800; includeSubDomains
cookiesync
core.iprom.net/ Frame CEB7 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 17:21:19 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-a7943a14b6d6@version_1.531
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame CE55
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923&gdpr=0&gdpr_consent=
1 B
58 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 17:21:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 15 Dec 2022 17:21:19 GMT
expires
Wed, 14 Dec 2022 17:21:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3ECD2A98285F4EF08DD93971EFDDD923&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
cksync.php
contextual.media.net/ Frame FE05 		45 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=pba&refUrl=&vid=11248761733141264741454978000V10&ovsid=BF66B2B7-10A4-4A33-8409-E018E75178B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Thu, 15 Dec 2022 17:21:19 GMT
expires
Thu, 15 Dec 2022 17:21:19 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
Artemis
aud.pubmatic.com/AdServer/ Frame 90C9
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BF66B2B7-10A4-4A33-8409-E018E75178B2&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BF66B2B7-10A4-4A33-8409-E018E75178B2&addseg=10,33,39
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Dec 2022 17:21:19 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BF66B2B7-10A4-4A33-8409-E018E75178B2&addseg=10,33,39
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
5386
tags.bluekai.com/site/ Frame 90C9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=BF66B2B7-10A4-4A33-8409-E018E75178B2&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f1d677ad0c1f4ca8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9eb7b67a8b7576f72db92f53163cb5f7&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=3057406e779216d4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=
62 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
72.247.65.183 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 15 Dec 2022 17:21:20 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
221
SPug
image4.pubmatic.com/AdServer/ Frame 90C9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d81e639b-578b-4500-a081-9e458f2ab181
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d81e639b-578b-4500-a081-9e458f2ab181
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 15 Dec 2022 17:21:19 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d81e639b-578b-4500-a081-9e458f2ab181
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 17:21:18 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 90C9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
42 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:19 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 90C9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5629475560403883698
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5629475560403883698
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5629475560403883698
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 90C9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7964311275014384432
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7964311275014384432
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 17:21:19 GMT
AN-X-Request-Uuid
7d2412b4-ae75-453f-ba5f-c97bc7c63016
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7964311275014384432
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 90C9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:584c9d3b-abf9-449a-9391-09ef75f8a064&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:584c9d3b-abf9-449a-9391-09ef75f8a064&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 17:21:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:584c9d3b-abf9-449a-9391-09ef75f8a064&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 15 Dec 2022 17:21:19 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame C995 		164 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28821819&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
19355a9b2e7cf8a649dc2f0b3d1e05175e2e05309e965e10d5af1c5bc17ed384

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 17:21:18 GMT
content-length
164
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 386C 		164 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5012715&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
19355a9b2e7cf8a649dc2f0b3d1e05175e2e05309e965e10d5af1c5bc17ed384

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 17:21:18 GMT
content-length
164
content-type
text/html; charset=UTF-8
396846.gif
idsync.rlcdn.com/ Frame C995
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BF66B2B7-10A4-4A33-8409-E018E75178B2
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6d3c2cb1-0d73-47a2-9c39-5b5f36169b6d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6d3c2cb1-0d73-47a2-9c39-5b5f36169b6d
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:19 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 15 Dec 2022 17:21:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6d3c2cb1-0d73-47a2-9c39-5b5f36169b6d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
362358.gif
idsync.rlcdn.com/ Frame 386C
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BF66B2B7-10A4-4A33-8409-E018E75178B2
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJwtirinQ_uVr3g5gYVGi7E&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJwtirinQ_uVr3g5gYVGi7E&google_cver=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:19 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 17:21:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJwtirinQ_uVr3g5gYVGi7E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 58AC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 90C9 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Dpba%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.37.0.b6b2cd303fd44a552d0d7fa5fe7ff8a42acf73aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d1eec3948a4661af20e8ae131554204fda646c7f71224f400869c3cde78bef4f

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 17:21:42 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
sync
visitor.omnitagjs.com/visitor/ Frame 2B8D 		49 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=BF66B2B7-10A4-4A33-8409-E018E75178B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Thu, 15 Dec 2022 17:21:44 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
sync
gum.criteo.com/ Frame F799 		88 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUJ8GUQF&prvid=2034%2C2031%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C9%2C173%2C294%2C251%2C175%2C178%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C141%2C222%2C345%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5db56648fb4ae42f815df0b981304cbdf1b160249952ea80cbfb9b97284842ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:21:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1524438
expires
60
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=zS9xYaq9SKvFy03JE4a7&pi=medianet
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=zS9xYaq9SKvFy03JE4a7&pi=medianet
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:46 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=zS9xYaq9SKvFy03JE4a7&pi=medianet
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:46 GMT, Thu, 15 Dec 2022 17:21:46 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F799
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3141264741454978000V10%26type%3Damb%26refUrl%3D%26vid%3D11248761733141264741454978000V10%26ov...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=amb&refUrl=&vid=11248761733141264741454978000V10&ovsid=4472079285282843908
45 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=amb&refUrl=&vid=11248761733141264741454978000V10&ovsid=4472079285282843908
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 17:21:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 17:21:46 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=9&vsid=3141264741454978000V10&type=amb&refUrl=&vid=11248761733141264741454978000V10&ovsid=4472079285282843908
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
log
c21lg-d.media.net/ Frame F799 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=0PlH6p9NMdVab9YnRKW2gyzWRIpa1d9N&cs=15&vsid=3141264741454978000V10
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 17:21:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 15 Dec 2022 17:21:46 GMT
content-length
35
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1671048912&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671124871833&bpp=5&bdt=491&idt=346&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&correlator=7035940084554&frm=20&pv=2&ga_vid=1617610065.1671124872&ga_sid=1671124872&ga_hid=592695765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3971&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C31071266%2C44780792&oid=2&pvsid=3598040350531576&tmod=1478953451&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=omKiifHtiI&p=https%3A//www.bleepingcomputer.com&dtd=376
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1671048912&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ransomware%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671124871851&bpp=2&bdt=508&idt=465&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=7035940084554&frm=20&pv=1&ga_vid=1617610065.1671124872&ga_sid=1671124872&ga_hid=592695765&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C31071266%2C44780792&oid=2&pvsid=3598040350531576&tmod=1478953451&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=480
Domain
capi-tier-1-us-east-2.connatix.com
URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=208028
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
cks.connatix.com
URL
https://cks.connatix.com/cks?pid=26&ev=6db773666cc44d6e9db03090a45b01a9&pname=Synacor&api-tier=1&uid=330DBB44390F43F1AF2E5B58C83F3E4B&direct=1
Domain
capi-tier-1-us-east-2.connatix.com
URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=208028
Domain
capi-tier-1-us-east-2.connatix.com
URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=208028
Domain
tv.springserve.com
URL
https://tv.springserve.com/rt/12703?w=834&h=469&cb=74c8ff6e-5f54-4c3f-aa4c-de858a4d5f0c&url=www.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-patches-windows-zero-day-used-to-drop-ranso&us_privacy=&schain=1.0,1!connatix.com,102734,1,,,,
Domain
capi-tier-1-us-east-2.connatix.com
URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=208028
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001671124874-JANQWHA9-Q40V&uid=[UID]&gdpr=0
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/4b8f8957881b0c14cfc1656ea578b9f9.gif?&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dac67699ebc4111389a3cf1998c4bd2dc%26name%3DACUITY%26visitor%3D%5BUID%5D&gdpr=0&gdpr_consent=
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=d81e639b-578b-4500-a081-9e458f2ab181
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&pubid=92e0ecff80
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160925&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| oncontentvisibilityautostatechange function| $ function| jQuery function| cnxps object| freestar object| apd_options function| gtag object| dataLayer object| adsbygoogle function| Blazy object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop function| loadDeferredStyles function| raf function| admiral object| googletag object| regeneratorRuntime object| __cfBeacon boolean| fifabAlready function| fi_fab object| google_tag_manager undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| fsdata object| _comscore object| fsprebid string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint function| 4dm1r11545242527 object| cnx_usr_storage function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config object| fiUtils object| $customVisiblity object| $waitOn function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| load_script object| confiant function| ha object| google_image_requests object| COMSCORE function| udm_ object| ns_p object| gaplugins object| gaData boolean| __@@##MUH object| oattr object| hadron object| player_instance_0a14eb3dbd9f493a8717a0a9017f8a56 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| fsprebidChunk object| _pbjsGlobals object| mnet function| cnxProxyTask object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| __bt object| pbjsChunk object| pbjs object| apstag object| _qevents boolean| apstagLOADED boolean| creativeVendorLibraryLoaded function| quantserve function| __qc object| ezt object| _qoptions function| pubHadronCb function| setImmediate function| clearImmediate object| ID5 object| Criteo undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| PublisherCommonId boolean| __halo_loaded__ object| au object| auvars function| docReady object| autag object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| _mNDetails function| cnxAddEventListener

257 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQpfu3ttEwCgoIgQIQpfu3ttEwCgoI4gEQpfu3ttEwCgoI5gEQpfu3ttEwCgoIhwIQpfu3ttEwCgkICRCl-7e20TAKCQg6EKX7t7bRMAoKCIwCEKX7t7bRMAoJCF8Qpfu3ttEwCgkIHxCl-7e20TA=
.mrtnsvr.com/sync Name: userId
Value: SMPY43EtM
i.liadm.com/s Name: _li_ss
Value: MgUIBhD7Ew
.bleepingcomputer.com/ Name: session_id
Value: 1e5b4567c22e412c39321a59b5367096
www.bleepingcomputer.com/ Name: lav
Value: 15586
www.bleepingcomputer.com/ Name: fs.bot.check
Value: true
.pub.network/ Name: _fsuid
Value: d89cd595-c9d4-43ca-a076-37595779a226
cdn.firstimpression.io/ Name: OAID
Value: fb5562deaa645c9c9abeefc937372bed
www.bleepingcomputer.com/ Name: __atuvc
Value: 1%7C50
www.bleepingcomputer.com/ Name: __atuvs
Value: 639b578877b20dc5000
.bleepingcomputer.com/ Name: _ga_GD465VRQLD
Value: GS1.1.1671124872.1.0.1671124872.0.0.0
.addthis.com/ Name: ouid
Value: 639b5788000158f9100e84919491db674699c74515d0aafba6e9
.addthis.com/ Name: di2
Value: aVU[m#%!k#$M`#!AgP2TIPv7LW6Lj6Hq#34Q#1:R#19w
.addthis.com/ Name: um
Value: j.'2022121517211215900029808246'
.addthis.com/ Name: uid
Value: 639b5788854d93f6
.addthis.com/ Name: na_id
Value: 2022121517211215900029808246
.addthis.com/ Name: vc
Value: 2
www.bleepingcomputer.com/ Name: fs.session.id
Value: 38e525a1-c956-4dbb-8a79-af465fe2dfc8
.connatix.com/ Name: cnx_userId
Value: 6db773666cc44d6e9db03090a45b01a9
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.1617610065.1671124872
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.735333069.1671124872
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1670cfb71d6395bb27ae7e91671124872
.addthis.com/ Name: uvc
Value: 1%7C50
www.bleepingcomputer.com/ Name: cnx_userId
Value: 6db773666cc44d6e9db03090a45b01a9
.bleepingcomputer.com/ Name: __gpi
Value: UID=000008d436e5e7b2:T=1671124872:RT=1671124872:S=ALNI_MaCOUwIP-sq30dyFH-5qiYNzHXXnA
.addthis.com/ Name: loc
Value: MDAwMDBOQUNBUUMyMjU1MTA2NDQ2MjAwMDBDSA==
.technoratimedia.com/ Name: tads_uid
Value: 330DBB44390F43F1AF2E5B58C83F3E4B
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221215172112+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.adsrvr.org/ Name: TDID
Value: e5c0b27e-ca49-4d83-b03f-9e17e3a38729
.spotxchange.com/ Name: audience
Value: df96025e-7c9c-11ed-995f-196b415d0403
.bleepingcomputer.com/ Name: _awl
Value: 2.1671124872.5-1e6a3a73078ddd5446ff5b41626d458e-6763652d75732d6561737431-0
www.bleepingcomputer.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bleepingcomputer.com/ Name: cookie
Value: 0ba141a9-e733-490a-8e8f-088fa695f4e6
www.bleepingcomputer.com/ Name: _lr_retry_request
Value: true
www.bleepingcomputer.com/ Name: _lr_env_src_ats
Value: false
.quantserve.com/ Name: mc
Value: 639b5789-23a80-b35da-e584f
.bleepingcomputer.com/ Name: __qca
Value: P0-550890645-1671124873065
www.bleepingcomputer.com/ Name: ntvSession
Value: {}
.go.sonobi.com/ Name: __uis
Value: 7c35c692-8f8b-4370-87e1-e5105c9935fd
.go.sonobi.com/ Name: _usd_bleepingcomputer.com
Value: d1828049-aed4-4445-b080-64bf3bbefc29
.go.sonobi.com/ Name: HAPLB8A
Value: s85152|Y5tXj
.sharethrough.com/ Name: stx_user_id
Value: 930966de-908b-44db-8bb4-acb19f7301b1
.yahoo.com/ Name: A3
Value: d=AQABBIlXm2MCEFGIrxAZhhQsa_L09yi3-gYFEgEBAQGpnGOlYwAAAAAA_eMAAA&S=AQAAAgNAtKlNXvjKCTClvCBJeL4
.postrelease.com/ Name: visitor
Value: e857381b-f945-4f00-a203-e6c8cfc49fad
.postrelease.com/ Name: status
Value: 0
.bleepingcomputer.com/ Name: cto_bundle
Value: uHNsu19LT2NyYndNY1VmYjNiN0taOWR1b3QzR1JkYzM0U01ROEVjM1VFaU5ZczJPbG5td3lGellvb09Bckk5TFY3bUVBTHRJS0YzZUUlMkZQU3dRc09ReWl6ZyUyRmdvbnZhYkJ3UXFjdCUyRnZIZFN2VmhlSCUyQnZyQXZvaFZjQ1ZYVG9TZzRZWjZi
.bleepingcomputer.com/ Name: cto_bidid
Value: uKj64V9CZk9tSVhKN0F3cWVXN0xnMyUyRlYlMkJ6WGdWQmRyeHJwNSUyRkh2dUM4OGo4VTRCUyUyRnVhcGtiZ081NGZXR2dhalZybVkwWUl2aFpEWWNzdUJ1NHoyckVZVkNDa3JzOFFqNWlYSCUyQmNaeTJ5N1FYUWslM0Q
.yieldmo.com/ Name: yieldmo_id
Value: g6b678312c8c42161cb9%7C1671124873590%7C0%7C
.id5-sync.com/ Name: id5
Value: f4541e1b-133d-7459-8c31-56c1834484f4#1671124873702#1
.lijit.com/ Name: ljt_reader
Value: F0jxhLZH6eZ53b2YQ6iZr4eq
.bleepingcomputer.com/ Name: _au_1d
Value: AU1D-0100-001671124874-JANQWHA9-Q40V
.bleepingcomputer.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE2NzExMjQ4NzQsInR0ZCI6MTY3MTEyNDg3NCwicHViIjoxNjcxMTI0ODc0LCJ0YXBhZCI6MTY3MTEyNDg3NCwiYWR4IjoxNjcxMTI0ODc0LCJnb28iOjE2NzExMjQ4NzQsInJ1YiI6MTY3MTEyNDg3NCwic29uIjoxNjcxMTI0ODc0LCJvcGVueCI6MTY3MTEyNDg3NH0=
.adnxs.com/ Name: uuid2
Value: 7964311275014384432
.openx.net/ Name: i
Value: eb566c8e-69b3-4e35-9996-13446baac948|1671124873
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BF66B2B7-10A4-4A33-8409-E018E75178B2
.tapad.com/ Name: TapAd_TS
Value: 1671124873856
.tapad.com/ Name: TapAd_DID
Value: 2ab77f41-7cd1-441d-b7c6-59ab82a4c385
.bleepingcomputer.com/ Name: __gads
Value: ID=c86a005f9572cfc4-22d79cac60b40058:T=1671124872:S=ALNI_MZtXMQXLTE6i1oguwhe4Lgi98hldw
.rubiconproject.com/ Name: khaos
Value: LBPCLP5R-B-JTJD
.doubleclick.net/ Name: IDE
Value: AHWqTUnRLX5-8M0v2Ei0LnviS0I50IuWkwi5QZ_6rR6GZRwyE58ZFhjLcX0pwJfeaBc
.ad.gt/ Name: au_id
Value: AU1D-0100-001671124874-JANQWHA9-Q40V
.ad.gt/ Name: g_hosted
Value:
.media.net/ Name: visitor-id
Value: 3141264741454978000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.emxdgt.com/ Name: uid
Value: 53491671124874305228b3
.emxdgt.com/ Name: apn_id
Value: 7964311275014384432
.omnitagjs.com/ Name: ayl_visitor
Value: 6d57a4d92738362ffc56cf1e02b72ece
.zemanta.com/ Name: zuid
Value: yH6YX6kHP9S5e3yY820t
.bidr.io/ Name: bito
Value: AAEv_E7HNq8AACAQBW1vQA
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidswitch.net/ Name: tuuid
Value: e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
.bidswitch.net/ Name: c
Value: 1671124874
.bidswitch.net/ Name: tuuid_lu
Value: 1671124874
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6f525375-4123-4700-54ce-a44ab28bd190.tiXIEjDj%2BaF6kyIowTgjPJqQUa0icdsI2eLDhDaRnq8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ab1JTdUEjRwBUzqRKsovRkJU4mbU.w1cBZBSMiuPEy%2Ff1Oy%2F6bMNMUxA9fw3aBWUB%2FIQjq50
.smartadserver.com/ Name: pid
Value: 7725544352171782613
.adotmob.com/ Name: uid
Value: 087e2204074fbc2682981cf6
.adotmob.com/ Name: uuid
Value: 087e2204074fbc2682981cf6
.adotmob.com/ Name: partners
Value: AYL%3A1671124874837
.contextweb.com/ Name: V
Value: X7ml1G9Ozzw9
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d64732986c02c4d8
.e-volution.ai/ Name: v_usr
Value: 57bff3a4-128a-4db0-899d-6d2cda5ec48e
.ads.stickyadstv.com/ Name: UID
Value: 9968dfaf7bb9a2ba4ef7b1b35c491cdc
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3NDYytDCytLQwMzMyMTY3E-Iz1A2sKi7IdDPwygmK9wEAhoj-2iQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3NDYytDCytLQwMzMyMTY3E-Iz1A2sKi7IdDPwygmK9wEAhoj-2iQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5oaGRiYW5iaWICADI0HF4QAAAA
.creativecdn.com/ Name: u
Value: zS9xYaq9SKvFy03JE4a7
.creativecdn.com/ Name: ts
Value: 1671124874
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: e3edcfd0-0cbe-535d-ab56-dfc9c8cd8842
.betweendigital.com/ Name: ss
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIAndhdRbqszG_NLVWyaATU&KRTB&16514-CAESEIAndhdRbqszG_NLVWyaATU&KRTB&23025-CAESEIAndhdRbqszG_NLVWyaATU&KRTB&23386-CAESEIAndhdRbqszG_NLVWyaATU
.liadm.com/ Name: lidid
Value: c7b5c72a-3441-4960-a95a-0d94a9bf8957
.simpli.fi/ Name: suid
Value: 3ECD2A98285F4EF08DD93971EFDDD923
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5tXigAEOaXcXAAF
.betweendigital.com/ Name: ut
Value: Y5tXjAADZxgnBYnjYm0WoUo-_cw9Bol436UUoQ==
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:3ECD2A98285F4EF08DD93971EFDDD923
.bluekai.com/ Name: bku
Value: ikG99/oUZt1jA46y
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e5c0b27e-ca49-4d83-b03f-9e17e3a38729&KRTB&22918-e5c0b27e-ca49-4d83-b03f-9e17e3a38729&KRTB&23031-e5c0b27e-ca49-4d83-b03f-9e17e3a38729
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnX4S-ZWGGewoGJ1b6d3M45XHIIkNwQkVocPO8rIfM5xjR5PEqJmr2RBcImZQC4TM1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8393-2!8393
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5tXigAEOaXcXAAF&KRTB&22978-Y5tXigAEOaXcXAAF&KRTB&23194-Y5tXigAEOaXcXAAF&KRTB&23209-Y5tXigAEOaXcXAAF
.turn.com/ Name: uid
Value: 4472079285282843908
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:1fe2639b-578b-4400-b314-2ce5b86bc27a&KRTB&16736-uid:1fe2639b-578b-4400-b314-2ce5b86bc27a&KRTB&23019-uid:1fe2639b-578b-4400-b314-2ce5b86bc27a&KRTB&23208-uid:1fe2639b-578b-4400-b314-2ce5b86bc27a
.mathtag.com/ Name: uuid
Value: d81e639b-578b-4500-a081-9e458f2ab181
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4472079285282843908&KRTB&23150-4472079285282843908
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tidaltv.com/ Name: tidal_ttid
Value: b0d17272-277e-468d-a259-401b3a43ec6a
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjY2sjI0NgMAQNJrlQkAAAA="
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0380e820-e0b5-4725-85a1-d56efc9f8c28"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2788:u=1:x=1:i=1671124875:t=1671211275:v=2:sig=AQEsPlAxdNNq-dHHHWhEie9xQcxqfwFO"
.smartadserver.com/ Name: csync
Value: 96:b0d17272-277e-468d-a259-401b3a43ec6a|127:AAEv_E7HNq8AACAQBW1vQA
.3lift.com/ Name: tluid
Value: 2442628202676436868836
.sitescout.com/ Name: ssi
Value: dfa8b2a1-d9a6-4c40-982b-4989d71e000b#1671124875218
.spotim.market/ Name: vmuid
Value: d28f18fbdf67107a
.spotim.market/ Name: a271858
Value: 7964311275014384432
.spotim.market/ Name: a482928
Value: 0124dc18-79ab-422b-a8cc-1bb98ed63838
.spotim.market/ Name: a644680
Value: 2442628202676436868836
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 9eb7b67a8b7576f72db92f53163cb5f7
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsExNMk8yM0%2B0SDI3NTdLMzdKSbI0SjM1NjQzTk4yTTNnAILk2eHdIBoKAFwDCto%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInh3eDaSgAAAXaAHh"
.spotim.market/ Name: a309017
Value: dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005%22%7D
.spotim.market/ Name: a708476
Value: RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWR5b3VsaWtlIjp7InVpZCI6IjZkNTdhNGQ5MjczODM2MmZmYzU2Y2YxZTAyYjcyZWNlIiwiZXhwaXJlcyI6IjIwMjItMTItMjlUMTc6MjE6MTQuNjUwMzM1MzkxWiJ9LCJ5YWhvb3NzcCI6eyJ1aWQiOiJ5LXRxdnZ3Z0pFMnVHQzBGWjhYNG1PZDNlWFlTT2RqYmtQN2NMNi5fQS1-QSIsImV4cGlyZXMiOiIyMDIyLTEyLTI5VDE3OjIxOjE0LjAyODI0NTQ5NVoifSwiZW14X2RpZ2l0YWwiOnsidWlkIjoiNzk2NDMxMTI3NTAxNDM4NDQzMmJydDUzNDkxNjcxMTI0ODc0MzA1MjI4YjMiLCJleHBpcmVzIjoiMjAyMi0xMi0yOVQxNzoyMToxNC40Mzg3NjM4NDlaIn0sIm1lZGlhbmV0Ijp7InVpZCI6IjMxNDEyNjQ3NDE0NTQ5NzgwMDBWMTAiLCJleHBpcmVzIjoiMjAyMi0xMi0yOVQxNzoyMToxNC4xNzAyMDYwMDVaIn0sInNoYXJldGhyb3VnaCI6eyJ1aWQiOiI5MzA5NjZkZS05MDhiLTQ0ZGItOGJiNC1hY2IxOWY3MzAxYjEiLCJleHBpcmVzIjoiMjAyMi0xMi0yOVQxNzoyMToxMy40MjE0NzAyNDZaIn0sInNvdnJuIjp7InVpZCI6IkYwanhoTFpINmVaNTNiMllRNmlacjRlcSIsImV4cGlyZXMiOiIyMDIyLTEyLTI5VDE3OjIxOjEzLjgyMDczOTYzN1oifSwib3BlbngiOnsidWlkIjoiMDEyNGRjMTgtNzlhYi00MjJiLWE4Y2MtMWJiOThlZDYzODM4IiwiZXhwaXJlcyI6IjIwMjItMTItMjlUMTc6MjE6MTUuNTIwNDY3OTg5WiJ9LCJ5aWVsZG1vIjp7InVpZCI6Imc2YjY3ODMxMmM4YzQyMTYxY2I5IiwiZXhwaXJlcyI6IjIwMjItMTItMjlUMTc6MjE6MTMuNjU1MDM5MDYzWiJ9fSwiYmRheSI6IjIwMjItMTItMTVUMTc6MjE6MTMuNDIxMzMwNzFaIn0=
.openx.net/ Name: univ_id
Value: 537072971|e5c0b27e-ca49-4d83-b03f-9e17e3a38729|1671124875537845
.amazon-adsystem.com/ Name: ad-id
Value: A6ctsKSQQUcqoOfv7S1yPOw
.pippio.com/ Name: did
Value: 7Ir-21GLsdlawlqX
.pippio.com/ Name: didts
Value: 1671124876
.pippio.com/ Name: nnls
Value:
.media.net/ Name: data-o
Value: f0d63a48-6b34-4b22-a00f-a5c2bd626869~~9
.media.net/ Name: data-mm
Value: d81e639b-578b-4500-a081-9e458f2ab181~~9
.criteo.com/ Name: uid
Value: cce5e24a-5d13-42f7-8f58-3d699e8e9406
.media.net/ Name: data-rk
Value: 979321829986624376~~9
.w55c.net/ Name: wfivefivec
Value: K1UoQABr1P5RV25
.pippio.com/ Name: pxrc
Value: CIyv7ZwGEgQIAhAAEgYI7OsBEAA=
.mookie1.com/ Name: id
Value: 10596829190239181973
.mookie1.com/ Name: mdata
Value: 1|10596829190239181973|1671124876298
.mookie1.com/ Name: ov
Value: 8b4ad9abfd20b8cdbfde2cb91b11a074
.mfadsrvr.com/ Name: tuuid
Value: 70b52a81-f73d-4423-80ab-e4b4c862aaa3
.mfadsrvr.com/ Name: c
Value: 1671124876
.mfadsrvr.com/ Name: tuuid_lu
Value: 1671124876
.media.net/ Name: data-g
Value: CAESEBI6JAyaOmRo2PMX8j_5mXk~~9
.media.net/ Name: data-ttd
Value: e5c0b27e-ca49-4d83-b03f-9e17e3a38729~~1
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-c
Value: cce5e24a-5d13-42f7-8f58-3d699e8e9406~~1
.media.net/ Name: data-c-ts
Value: 1671124876
.linksynergy.com/ Name: rmuid
Value: fa3a5b65-32e4-40e6-8660-546177406ce9
.linksynergy.com/ Name: icts
Value: 2022-12-15T17:21:16Z
.media.net/ Name: data-xu
Value: K1UoQABr1P5RV25~~9
.mookie1.com/ Name: syncdata_TAP
Value: 1
.media.net/ Name: data-co
Value: AAABt360ZG-XRgNgsYoHAAAAAAA~~9
.media.net/ Name: data-mf
Value: 70b52a81-f73d-4423-80ab-e4b4c862aaa3~~1
.media.net/ Name: data-r
Value: LBPCLP5R-B-JTJD~~1
.media.net/ Name: data-ze
Value: yH6YX6kHP9S5e3yY820t~~9
.media.net/ Name: data-r1
Value: RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005~~9
.agkn.com/ Name: ab
Value: 0001%3AKxYTKouhhd5kmI3qSOAxHPTXK0NuGcc8
.mookie1.com/ Name: syncdata_NEU
Value: 1
.openx.net/ Name: pd
Value: v2|1671124875.1|iKbwuYvPvMgahEgKkWg2gy.mmvJeSwrf8ke
.33across.com/ Name: 33x_ps
Value: u%3D212056468393326%3As1%3D1671124876770%3Ats%3D1671124876770
.media.net/ Name: data-bs
Value: e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89~~1
.ads.yieldmo.com/ Name: ptrstk
Value: b1JTdUEjRwBUzqRKsovRkJU4mbU
.linkedin.com/ Name: li_sugr
Value: 6e0840ca-4a03-44f3-ae4e-23857a7127f3
.ads.yieldmo.com/ Name: ptrt
Value: e5c0b27e-ca49-4d83-b03f-9e17e3a38729
.ads.yieldmo.com/ Name: ptrmf
Value: 70b52a81-f73d-4423-80ab-e4b4c862aaa3
.tynt.com/ Name: uid
Value: F6nZ2GObV4yccnl1UU4BOA==
.ipredictive.com/ Name: cu
Value: e0578d97-aac0-45d4-b198-18ce905818cf|1671124876884
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 0C9438B55FE560261D872ACE5E4F6192
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1671124876!yieldmo,1671124876!medianet,1671124876
.adform.net/ Name: C
Value: 1
.admixer.net/ Name: am-uid
Value: 60d3b747e3bc44ab8f867eb77ed38cf1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1671124876922%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1671124876922%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1671124876922%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1671124876922%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1671124876922%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1671124876922%7D%5D
.adform.net/ Name: uid
Value: 5629475560403883698
.ads.yieldmo.com/ Name: ptrrc
Value: LBPCLP5R-B-JTJD
.ads.yieldmo.com/ Name: ptreps
Value: AAAJP416tApWaQN2rc1NAAAAAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "19aa~28v5:18z8~28v5:18za~28v5:190u~28v5"
.ads.yieldmo.com/ Name: ptradfm
Value: 7018216432214041642
.adsymptotic.com/ Name: U
Value: 59d246103b611e8385e598b12ecced63
.pswec.com/ Name: tuuid
Value: b160d375-a634-45ce-ad00-00f165957bf5
.pswec.com/ Name: c
Value: 1671124877
.pswec.com/ Name: tuuid_lu
Value: 1671124877
.rubiconproject.com/ Name: audit
Value: 1|ieRqnTiQ648Ax80nH7UyRwl1Kwgv4/w/EYSVmPJnDArWaDs14xzbSOw+OOWjeF+TZ4MmcGdwr5nyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcncJnBrO2kv3F0jwfpwu6mqCf4N0SmXG/WmL1tj5Blz3sYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.quantserve.com/ Name: d
Value: EI8BCwHoJ_ijAA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH&KRTB&19420-psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH&KRTB&22979-psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH&KRTB&23403-psQFXaXABAa9xQ9eqMcRXaPCWF69kgkHpJEkffKH
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-e0578d97-aac0-45d4-b198-18ce905818cf&KRTB&23011-e0578d97-aac0-45d4-b198-18ce905818cf&KRTB&23355-e0578d97-aac0-45d4-b198-18ce905818cf
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7964311275014384432&KRTB&23339-7964311275014384432
.deepintent.com/ Name: CDIUSER
Value: di_af75cf95152a4c399ea5e
.spotim.market/ Name: a448580
Value: BF66B2B7-10A4-4A33-8409-E018E75178B2
.dotomi.com/ Name: DotomiTest
Value: d9931da61201a18
io.narrative.io/ Name: io.narrative.guid.v2
Value: e3006630-7c9c-11ed-a2b2-0ecbf2332f6f
.semasio.net/ Name: SEUNCY
Value: 5F438CF97D72A06F
.technoratimedia.com/ Name: tads_uidp_73
Value: AAEv_E7HNq8AACAQBW1vQA
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAJP416tApWrwM8Ju9PAAAAAAA&KRTB&22713-AAAJP416tApWrwM8Ju9PAAAAAAA&KRTB&22715-AAAJP416tApWrwM8Ju9PAAAAAAA
.creative-serving.com/ Name: tuuid
Value: e169edb1-0c72-4ee2-b822-3b2af19d8487
.creative-serving.com/ Name: c
Value: 1671124878
.creative-serving.com/ Name: tuuid_lu
Value: 1671124878
.mxptint.net/ Name: mxpim
Value: R1B330_FAF1B0EA_412DE822.1.0000000000000000639B578E
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ht0|7dN.0.AAEv_E7HNq8AACAQBW1vQA
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B330_FAF1B0EA_412DE822&KRTB&23092-R1B330_FAF1B0EA_412DE822
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEv_E7HNq8AACAQBW1vQA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e34e7ba8-58e4-4c0b-9925-ca61fe7f1e89
.pubmatic.com/ Name: SyncRTB3
Value: 1676246400%3A69%7C1671926400%3A63%7C1672272000%3A166_104_48_56_234_214_250_22_54_55_239_233_176_5_249_96_204_165_81_13_99_7_220_231_71_3_238_8_178_21_240_243%7C1671667200%3A38_223_2_15%7C1672358400%3A35%7C1673654400%3A224
.w55c.net/ Name: matchpubmatic
Value: 5
.acuityplatform.com/ Name: auid
Value: 720627700828
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTE3+o11c2VyTWF0Y2hpbmdJZCQDqpFsYXN0RHJvcFRpbWVNaWxsaXMlAUJFWV9yqJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFCRVlfcqiPdGhpcmRQYXJ0eVVzZXJJZGNlMzRlN2JhOC01OGU0LTRjMGItOTkyNS1jYTYxZmU3ZjFlODn7gDb6QsxDJQFCRVlgP6BEJQFCRVlgP6BFIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-b1JTdUEjRwBUzqRKsovRkJU4mbU&KRTB&23334-b1JTdUEjRwBUzqRKsovRkJU4mbU&KRTB&23417-b1JTdUEjRwBUzqRKsovRkJU4mbU&KRTB&23426-b1JTdUEjRwBUzqRKsovRkJU4mbU
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-720627700828&KRTB&23428-720627700828
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:K1UoQABr1P5RV25&KRTB&23421-uid:K1UoQABr1P5RV25
.adgrx.com/ Name: ADGRX_UID
Value: e39fbfc8-7c9c-11ed-906a-20af8fa26946
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-SMPY43EtM&KRTB&23413-SMPY43EtM
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY3MTEyNDg3OTQ0MywiMzkiOjE2NzExMjQ4NzUyNTEsIjE3IjoxNjcxMTI0ODc2ODAxLCI3IjoxNjcxMTI0ODc1MjUxLCI3NCI6MTY3MTEyNDg3NTI1MSwiNjQiOjE2NzExMjQ4NzkzOTF9
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005%22%2C%22nxtrdr%22%3Afalse%7D
.media.net/ Name: data-pba
Value: BF66B2B7-10A4-4A33-8409-E018E75178B2~~9
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-059346aa-93af-44dc-9883-105562a251ce
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-e39fbfc8-7c9c-11ed-906a-20af8fa26946&KRTB&23275-e39fbfc8-7c9c-11ed-906a-20af8fa26946
.ctnsnet.com/ Name: cid_10d62d9af2aa4658bf32d5e8c84c21f1
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3AtvrQYk4K5OCVJHh5Ea3qd3wFR02MblVF.KfwNHGW6AtU8ahc1gCod6tA9biYRgkTvVNU9feTpVFQ
.fiftyt.com/ Name: fifid
Value: 0a301e7b-4ccd-47e1-5b74-a7540e373389
.fiftyt.com/ Name: cs
Value: MTY3MTEyNDg3OXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fHfsxjiNpvbPICUsxWzN_j9Dn7MFATMeAEvrqVxYpY0n
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&KRTB&23418-dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341&KRTB&23424-dfa8b2a1-d9a6-4c40-982b-4989d71e000b-639b578b-4341
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 47531ee6-47ab-485c-8f12-f1f5d002f889
beacon.lynx.cognitivlabs.com/ Name: ss
Value: g%2FEum55uBeLNnERNzKCHPhrTG9AV9Vsqlmp0wo4fxZmQ3wr%2B2G11CPZ%2B4jYbeJEurZTlsaQm4gkqqz83GYb7DQ%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5629475560403883698&KRTB&23263-5629475560403883698
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005&KRTB&17107-RX-352cb321-e524-4275-9baa-ab4b8c3755b5-005
.tribalfusion.com/ Name: ANON_ID
Value: a8nseFw5EGjAaINQeEcJkGlKJauZcVgTRPNQGbSMtuUoVZbYSsjC3lgh4Ly3rA1166gkbZdfGNOr7SMM0IWUabP
.fiftyt.com/ Name: fppm
Value: 20221215172119
.inmobi.com/ Name: idsp_c
Value: fd1ea09c-a0e6-4862-8559-e03c0d6660a2
.csync.loopme.me/ Name: viewer_token
Value: 1aec375b-53d4-4f4e-bc61-60ea1442cb1b
.onaudience.com/ Name: cookie
Value: f1d677ad0c1f4ca8
.onaudience.com/ Name: done_redirects104
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 584c9d3b-abf9-449a-9391-09ef75f8a064.440338879
.onaudience.com/ Name: done_redirects109
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1671667200%3A253_248_252_164%7C1671148800%3A174%7C1672272000%3A245_219_197_201_221_226_236_228
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1671146479875
.rlcdn.com/ Name: rlas3
Value: I2qD50sG1fpGbgRU+n9/HFkBYmhFFM2gqSNUbPt6Nl4=
.rlcdn.com/ Name: pxrc
Value: CIiv7ZwGEgUI6AcQABIFCOhHEAQSBgi66gEQBw==
.c.appier.net/ Name: _auid
Value: vnFER7iXAMyEWLklj1ebYw
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-vnFER7iXAMyEWLklj1ebYw
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwj-roHO2bKvOxAFEhYKB3J1Ymljb24SCwim88DX2bKvOxAFEhYKB3N2eDl0NTASCwiW5Nbo2bKvOxAFEhgKCWJpZHN3aXRjaBILCIqqwOvZsq87EAUSFgoHYmx1ZWthaRILCKyg5Ijasq87EAUYASACKAIyCwiKosOY8LKvOxAFOAFaCWJpZHN3aXRjaGAC
.pubmatic.com/ Name: SPugT
Value: 1671124881
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7244112822114767911P
.owneriq.net/ Name: pmc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7244112822114767911&KRTB&22521-Q7244112822114767911
.pubmatic.com/ Name: PugT
Value: 1671124886

10 Console Messages

Source Level URL
Text
javascript warning URL: https://cd.connatix.com/connatix.playspace.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cd.connatix.com/connatix.playspace.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Message:
Refused to execute script from 'https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCIiv7ZwGEgUI6AcQAEIASiA2ZGI3NzM2NjZjYzQ0ZDZlOWRiMDMwOTBhNDViMDFhOQ' because its MIME type ('image/gif') is not executable.
javascript error URL: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'https://www.bleepingcomputer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e5c0b27e-ca49-4d83-b03f-9e17e3a38729&gdpr=0&gdpr_consent=&expires=30
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOUEmZVjN61nBDztgjdMWyI&google_cver=1
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_FGJpqBE2oL95cu0RYg2RybhvZn.mErtCj388g--~A
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160925&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.ad.gt
a.pub.network
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api-2-0.spot.im
api.btloader.com
api.floors.dev
api.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.firstimpression.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cds.connatix.com
cks.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
colossusssp.com
contextual.media.net
core.iprom.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
d.pub.network
de.tynt.com
dis.criteo.com
e0923b16691b2b855992e1f8c6e4bed1.safeframe.googlesyndication.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
functionalfeather.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hblg.media.net
hbx.media.net
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
inv-nets.admixer.net
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lg3.media.net
m.addthis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
medianet-match.dotomi.com
mug.criteo.com
mweb.ck.inmobi.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
p.ad.gt
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.ntv.io
s.spotim.market
s.tribalfusion.com
s2s.t13.io
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
seg.hadron.ad.gt
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
stags.bluekai.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
sync-adform.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.e-volution.ai
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
t.pswec.com
tags.bluekai.com
tags.rd.linksynergy.com
token.rubiconproject.com
tv.springserve.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
vid.connatix.com
vid.vidoomy.com
visitor-usa02.omnitagjs.com
visitor.fiftyt.com
visitor.omnitagjs.com
warp.media.net
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yieldmo-match.dotomi.com
z.moatads.com
api.rlcdn.com
capi-tier-1-us-east-2.connatix.com
cks.connatix.com
cs.admanmedia.com
googleads.g.doubleclick.net
imasdk.googleapis.com
s7.addthis.com
simage4.pubmatic.com
sync.go.sonobi.com
tv.springserve.com
100.20.115.147
104.127.172.242
104.18.99.194
104.20.59.209
104.26.13.6
104.45.178.220
104.64.59.24
104.66.251.81
104.81.240.21
107.151.11.50
107.178.246.49
107.178.254.65
108.139.29.63
108.139.50.211
109.206.161.21
130.211.23.194
141.148.45.191
141.94.171.216
141.95.33.111
141.95.98.64
142.250.176.194
142.251.40.166
143.204.144.76
143.204.146.41
15.197.193.217
151.101.130.137
151.101.194.49
151.101.66.137
159.65.196.12
162.248.18.10
162.248.18.37
169.197.150.8
172.104.105.5
173.231.178.116
18.164.96.6
18.164.96.90
184.28.212.188
184.28.213.46
184.28.213.65
185.167.164.49
185.184.8.90
192.132.33.46
192.35.249.138
195.244.31.10
195.5.165.20
198.148.27.140
199.127.204.171
199.187.193.177
199.187.193.192
199.38.167.130
2001:41d0:701:1000::96f
204.62.13.72
207.198.113.86
209.54.182.161
213.19.162.80
216.200.232.249
23.192.31.127
23.198.216.120
23.200.196.24
23.22.34.165
23.227.139.243
23.44.133.61
23.49.100.28
23.54.69.151
23.78.138.84
2600:1901:0:7416::1
2600:1f18:1c96:4103:3aff:d9d1:28bb:85c3
2600:1f18:4e9:5a07:5032:8a68:2087:27ba
2600:9000:21dd:0:8:48e:53c0:93a1
2600:9000:21dd:a00:6:44e3:f8c0:93a1
2600:9000:2511:6800:a:e047:752:5701
2606:4700:10::6816:545
2606:4700:10::ac43:266a
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:832
2606:4700:20::ac43:49e4
2606:4700::6810:3865
2606:4700::6810:5714
2606:4700::6812:106b
2606:4700::6812:15ce
2606:4700::6812:18ad
2606:ae80:1471:12::440
2607:f8b0:4006:808::2001
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2008
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2620:1ec:c11::200
2a02:2638::24
2a02:6ea0:c400::12
3.132.97.243
3.211.208.93
3.218.77.41
3.218.90.66
3.92.113.255
34.102.146.192
34.102.163.6
34.102.253.54
34.107.140.113
34.117.239.71
34.120.107.143
34.149.20.76
34.160.110.8
34.160.128.112
34.204.240.59
34.205.97.218
34.225.175.117
34.226.72.146
34.236.83.94
34.98.64.218
34.98.67.3
35.186.193.173
35.190.60.146
35.190.90.30
35.194.66.159
35.201.96.126
35.207.24.140
35.211.178.172
35.214.223.115
35.227.252.103
35.71.139.29
4.78.226.233
44.208.184.190
44.209.207.157
44.237.176.198
44.239.200.92
5.161.47.120
50.16.138.112
50.57.31.206
51.222.39.186
52.1.215.83
52.207.100.100
52.85.61.120
54.243.126.57
54.243.58.43
54.81.205.56
54.82.227.189
54.83.173.41
54.88.76.203
63.251.28.233
63.251.86.49
67.202.105.24
67.202.105.33
67.220.228.202
68.67.161.208
68.67.179.89
69.166.1.15
69.90.254.78
70.42.32.127
72.247.65.183
74.119.119.139
74.119.119.150
8.2.111.124
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
96.46.183.20
010b1df33a297efc3df1d8cfd8998199b970b9fb7e614cbba10ec0e769e977f2
030eb475ef7c0c106d7209a34c0bd8bbd170afaeff8869cdf8643502630e74de
03466eced1fd270a167b470e99aa65ae07464af2fc9e0931bdb80aabce469daa
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0638cfd1490c7f9e1a405288da36350d213702a96be3a2bdf58c48c0dc4f2ea7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
078813a74f777fa49548ab0e2e8acb1c918aa1d0124c2c243ee547aac6a7e2d8
07bb21aa34177a5c4d3b1c8a06943e52ca295124455b107cd7401224d6e2531c
087e211bbbdba9abd7e9ee2c4108e251db57e940036165afe2d78484a9a943b5
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0ad74c012ba5765e5a3b294f62dfb8521b8af03a23cd21aa26025e5a8da270bd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c62d3350b7b877554d2f7c477d4907897c1daecc06a1d002413cb502f11e3a8
0c8326c401275771acb66ced7a457517f2d9ac64ac032a3b7257ff5950f7cc60
0cfabc39e137f99930afb1dd35596fb134c403e208166f8dc548001b65b7f3be
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1266b5c3e0e32cc696d690b70d08fe59c0fbdaa3fafa141f0c71218cb574960d
126fc7a47fe5a4e1519c3a1fc453876d84e0e938a2d7bdfb10876dfe16243056
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19355a9b2e7cf8a649dc2f0b3d1e05175e2e05309e965e10d5af1c5bc17ed384
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1c118121b72f1d1960b607a3586e877b36e7e7046802da20daa82ddff00f3b0a
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1fa04bb2247cd798fb0e1bc27bcf44155b4a7d5511b2ba33edd3eca0cc1c5001
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
24aa0fff69f6e202047376b1f950901a7fd7297a268ea24d5314968ddbff7535
24e8c18a89152ca026c01970d6d7e1f1d6f2604f2b8e30c2d948e01a01885493
251b97479c72b5b0e35b1dcb02a395dc2f549997c8a0194dda8507e2f9e97d75
29676304580ef48e6ecf61c48634b59d751c08f167a77377b7048102bef694a9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
3248dffc5428b06d1cdd780296458f5af40aa9cd9d366222bdda4477181f4d39
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
36210e4354377ca7bc2a86afbb67251a3ca37fcf49baf5f2da10e45efd39ef87
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
384457f1206ca83b11d3b93e06e970e10921376da4a3f28aa92ac8f033ef828b
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3b4790db39169dba45a44fd79ec37da5557302627546df0adcde836570ace0bc
3c442e2f98ed7dca6f5f00e82c8e169a29266eaefa824fb2ba71e4ecb0616706
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
441a8af0cb66ff9948787c5ea62b541e17183cd674c0dfed4bed8e40ebaa0aec
45eb532e14893017919a19c9487a11c5f81d678f63a4868c52e2197158d4803f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dd7329fae693cad6f963d6003d0f43231df94b536c2bfa3c94f25671b9a5ed
46e0100048a208436f91dd90b13dc27d406a15942d7e663e02ea1a11edac77bf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4dc8a076fcff4325c0a954f31f99f22ec5282c25b98dffc16365e0fee3c85fea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5442890d0ce895f47a9e586aebb777c54a89373714cc805d714d57992999c200
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f5c1a1d9f6cc9b85479d94f6e4ebc99e3e8c7868199c62b832eb5783083e6f
55b643a9f145aeb4660c55e8a67e1f7cc3fa3e9616c932ad7a0b16c62936da62
5c040e6ed7600ec19f251b202d5c74d640443ab8ea79e003acbf913fb1f87fb7
5c1c42cd16802a0c0199ca6adb79b2fa449a9955c306359fab17a435b452463d
5c4526dcd1d64d4570ed72cbf1380888aa0bfcd5272a352318e0748d22caa207
5cb194eb96c0fc5d4d21d22161d97f4fb6d346e86420e1474bc120a34c5c3aca
5db56648fb4ae42f815df0b981304cbdf1b160249952ea80cbfb9b97284842ad
5dc2c1613a7c3d5b9a1d6eb402e13ad2859a0e629695619cd983ecd6c17ef37d
5f2c1a70ee959152fd66841f85a1a471a59d3511915fec2ce7658a4fec6ae71e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bddfcfbf6c212c61d6ac6d1074151046bccba72dba9640a7361cca967c1166a
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e4411d6acc08d894d5cc5f3a25aeb4c6fccff667ff5e54837379709ee74edcb
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
74bacc9c3131881bd72a404f24a7370fe30f787a456ad7b47054bf71328335f7
76d10326e74fe1c5757a2a8e3e255448616d70680d5e85455a5478f9861bcbab
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79b20186a9a48fff67e6e89546f6aa7628b28eaeb5e0485a25c13e8b46f90d77
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c61f67b1b1399af6d07e49e904a0e5ed88698441a36e5aaae5d35deb90b35e5
7ca35f04434365f26091ab5b0b82a22c8f815415c9742c9215f67c9c8df8d35c
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509
88600b32d00fd4cdeb975a88bb1d5630d4e6ef3e4fec015423038f324ee5d56e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8b8813e76f83897acebb2155a7c86b199a8dd39fa6a2c8d2d7e1508a9f2a38
8b66a32676b8b10767dde5b07ed820cb68a52986deb67dba5225b335b4388177
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd
933cc5be181c339052c537dc5123694ee997b964dc04cf92e97f727680075ea0
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
94659d833506ce389c63600cfca80aa079eb4fca4c67736dfbeec87dfe6885fa
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb
96eeab5f23635790c0f785cf7be287a333fc8a9961ed8e592e948f7f005de8ee
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99887c8a3e382dd055b9504a2141c52fd90fa929ebf16f39ba8526a2c7110362
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c13fd8a693173053aefe83b24e9890659c94d49c2beb2ff6265cc4bd5bb14ec
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9da4126b303290ef34a4a638516194afa042c66b98eb396db790e807975e517e
9f0ec4a27964ea98a8600978a39a25666495e4eb3a3b991e14b41d55b7d286b0
a09d74b02c96141433d3edb41c65e31033e202640192863c6b0cd6613f233431
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fc17b481cffb114ec584fac45cd546fef08fb1772637c5b2c4bd8cba23a00b
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7b73c43ad3d8441acd6946a5fd824b6cf6cb3cc2895f66c4bfe770656239086
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeeafbbb7a13d8edd36d57074e88c0230192cbea0dbb8f1a5aca65a0654b9075
af18bb79e0710f1bb33265bd1e64f483e4a2b6763227a9c143bb3fa94fd2ba41
af974f38b8332d4bb28679f174b399bf227f85c67bbe29b7408c9d4333909f85
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19aba2554baa8d219adb694438241ab2e8bd881c1b8e0d45e70d59c106cf1b4
b1fd298b2eb7209d9fe5ecf8d48438d8605600cdb4f4d9c25e3873617b54f036
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9b993f3863c63755241643998894a5f036b57c6777ead3ec28a4410ca81072f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
bd75349d3069720d496726a7ba6f7044a74605135fcaec4420341cfdd9487e65
bdd7a37142eecc768c354fa56e5937abbbd3505711e37ceaffd6354f9a98035b
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a6ab4fb68dee5ee93bb90623d9d3fd6985574799fe6d70ec68a838b821310a
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c534dc28d4607cf8288d4b8728fe63449200c46acacc82dbb1c451b7413977f4
c67c45685a8493de342440179ed0b8938b51ad28ba46852babb4b31a20a46f3a
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdf915e05e99a86da2a4615ed3956ee1d89c8bc56fde9e662a207bf1eb677259
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf82da64c2debe7b6e5d2a055453421eb8f7804f39c7f065e80135c5615b8b06
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861
d0460b016fa470f9548aceaa335c01cd1fe68052a3abd44cb642ac299fe5b7e2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1eec3948a4661af20e8ae131554204fda646c7f71224f400869c3cde78bef4f
d1eed15facda36d04ce828aef4089bd3bb1de28a40dd6c48bc2cb1dbfae1d429
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d392c3ec89587ddeb02908e31b42cb57aa111ec498a8da503986743dfb60036c
d46a10ce2bec3eb7a0d5a95dbf97fd4c932b32e25ec3b11f5ab27d8ee5a2b255
d551c155532d8f2abdfaaf2eae79100be593f040b54a72094bda76b59dc0d605
d6d9cc433aac09ac81766e8fec596500c22423aaac0b7c87e1b35991fdd8c0a9
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dafeb03f08b5e8bfa63c73c55b5ccf5a8efa9497ae2103117bcdd582a535253a
db797cb4944a3af0072b8d6bd634bcb0f7f25b874cf649da80a9e32da96e1646
df7bbc4a209a098e769cb5b8c5812002e83d62863947b0bbcb76c4133095dfe7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f2b14bf0d4c54c1b5d68ea56a2a698a9cd16763de1da6650f3e23361042a5
e5a098542163dc535e0e3c4ed1bca8fcc8a13f0b827027385af73b8d3db5fa38
e61c212e051e6ea19350c0dcdad7a052b7a729156514729f6bfc4934ce4d4803
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efca004102a9455aca7d8879f0f2bd579ffe253bda0ea442a9707967662fb2f6
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e
f1d7066cf9330a1d1a31fc729644ef86718a7421179a4fa556fefc92f7528325
f273910174b829a9c1fd1cb223276b9cbeaeefb6dc5b981231a01a9758ed426c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5ce1b8b6bc9ae8900b96861eb134e6b4db73075cff0e8e3a230327d75cdbe18
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd64e57fce52f68c1c69e15bc8ab64f865dfeeeae12390ad4877d4363bb14708
fd7d5c2f2a75db260167c9d87cf8940899c207863c7049aca86abe5e3554c9fa
ffc34f2a06c6aa5d058ccdd2c01fa323aea4fcf3ec1ce882359c8ba882ad2ae6