urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/1YYgC5ywE5FMBrAkHOso1G?domain=t.sidekickopen07.com
Effective URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Submission: On January 05 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 149 IPs in 12 countries across 149 domains to perform 1035 HTTP transactions. The main IP is 104.20.59.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 16th 2020. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.117 3561 (CENTURYLI...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
3 104.20.59.209 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
32 104.26.12.6 13335 (CLOUDFLAR...)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 9 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
53 2607:f8b0:400... 15169 (GOOGLE)
7 23.208.216.126 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 19 151.101.130.137 54113 (FASTLY)
1 13.225.63.8 16509 (AMAZON-02)
2 13.225.214.111 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
17 35.201.71.192 15169 (GOOGLE)
4 142.250.65.230 15169 (GOOGLE)
1 23.52.162.190 16625 (AKAMAI-AS)
5 23.52.163.40 16625 (AKAMAI-AS)
29 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 5 13.225.214.24 16509 (AMAZON-02)
1 142.250.65.162 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
20 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 35 23.52.162.21 16625 (AKAMAI-AS)
23 18.216.166.79 16509 (AMAZON-02)
2 151.101.129.140 54113 (FASTLY)
21 142.250.80.66 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
8 2607:f8b0:400... 15169 (GOOGLE)
11 11 54.236.195.76 14618 (AMAZON-AES)
16 17 52.223.40.198 16509 (AMAZON-02)
6 6 2620:112:f002... 6336 (TURN-US-ASN)
8 8 68.67.179.164 29990 (ASN-APPNEX)
2 10 23.73.244.44 16625 (AKAMAI-AS)
9 23.52.161.180 16625 (AKAMAI-AS)
8 8 207.198.113.176 13768 (COGECO-PEER1)
2 2 192.35.249.120 11742 (SPOTX-IAD)
2 122 2600:1f18:612... 14618 (AMAZON-AES)
8 35.244.159.8 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
2 35.227.238.208 15169 (GOOGLE)
2 5 104.36.115.113 62713 (AS-PUBMATIC)
36 2607:f8b0:400... 15169 (GOOGLE)
5 54.192.160.42 16509 (AMAZON-02)
15 54.230.162.7 16509 (AMAZON-02)
51 2607:f8b0:400... 15169 (GOOGLE)
4 5 185.167.164.49 198622 (ADFORM)
6 6 151.101.130.49 54113 (FASTLY)
2 21 104.36.115.109 62713 (AS-PUBMATIC)
23 39 142.250.80.98 15169 (GOOGLE)
3 3 198.148.27.139 19189 (PULSEPOINT)
1 1 199.187.193.166 47043 (SMARTADSE...)
1 1 193.122.128.135 31898 (ORACLE-BM...)
9 8.28.7.83 62713 (AS-PUBMATIC)
2 3 74.119.119.150 19750 (AS-CRITEO)
4 38.91.45.7 398989 (DEEPINTENT)
3 3 72.251.232.228 29791 (VOXEL-DOT...)
2 2 34.205.3.24 14618 (AMAZON-AES)
4 4 52.5.154.197 14618 (AMAZON-AES)
3 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 104.45.178.220 8075 (MICROSOFT...)
4 4 69.90.254.78 13768 (COGECO-PEER1)
6 6 199.127.204.142 26120 (RHYTHMONE)
2 2 23.219.95.182 16625 (AKAMAI-AS)
1 38.27.122.158 174 (COGENT-174)
2 7 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
2 2 3.213.98.115 14618 (AMAZON-AES)
12 54.209.75.74 14618 (AMAZON-AES)
10 10 74.121.140.14 30419 (MEDIAMATH...)
1 3 8.28.7.84 62713 (AS-PUBMATIC)
5 5 52.116.221.248 36351 (SOFTLAYER)
6 6 3.218.90.66 14618 (AMAZON-AES)
4 8 2600:1f18:4e9... 14618 (AMAZON-AES)
6 18 68.67.179.91 29990 (ASN-APPNEX)
4 18.235.169.84 14618 (AMAZON-AES)
10 10 2606:ae80:145... 25751 (VALUECLICK)
2 2 52.203.60.58 14618 (AMAZON-AES)
5 7 2620:116:800b... 14618 (AMAZON-AES)
1 2 204.2.255.233 2914 (NTT-COMMU...)
28 29 35.211.178.172 15169 (GOOGLE)
2 2 35.210.53.219 15169 (GOOGLE)
1 4 2620:100:a001::c 19750 (AS-CRITEO)
1 13.225.205.105 16509 (AMAZON-02)
1 23.52.162.163 16625 (AKAMAI-AS)
2 74.119.119.139 19750 (AS-CRITEO)
4 104.36.115.98 62713 (AS-PUBMATIC)
7 34.235.17.126 14618 (AMAZON-AES)
2 34.107.148.139 15169 (GOOGLE)
24 104.16.190.66 13335 (CLOUDFLAR...)
1 34.149.20.76 15169 (GOOGLE)
13 3.230.217.116 14618 (AMAZON-AES)
12 23.20.59.139 14618 (AMAZON-AES)
2 35.211.165.199 19527 (GOOGLE-2)
2 23.39.175.77 16625 (AKAMAI-AS)
2 18.213.33.211 14618 (AMAZON-AES)
5 18.209.253.24 14618 (AMAZON-AES)
2 2602:803:c002... 26667 (RUBICONPR...)
5 12 8.39.36.142 26667 (RUBICONPR...)
1 2600:9000:21d... 16509 (AMAZON-02)
6 151.101.2.133 54113 (FASTLY)
2 34.193.183.147 14618 (AMAZON-AES)
1 2 18.209.200.15 14618 (AMAZON-AES)
4 4 8.43.72.98 26667 (RUBICONPR...)
1 23.73.249.203 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 15 209.54.176.128 16509 (AMAZON-02)
2 4 51.89.20.86 16276 (OVH)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.231.139.54 14618 (AMAZON-AES)
2 151.101.66.133 54113 (FASTLY)
6 11 3.65.17.160 16509 (AMAZON-02)
2 52.0.188.249 14618 (AMAZON-AES)
1 1 20.72.149.136 8075 (MICROSOFT...)
2 3 63.251.114.136 12181 (INTERNAP-...)
4 17 52.223.22.214 16509 (AMAZON-02)
6 2606:ae80:145... 25751 (VALUECLICK)
2 2 54.208.114.40 14618 (AMAZON-AES)
2 3 52.86.210.192 14618 (AMAZON-AES)
5 23.92.190.74 10913 (INTERNAP-BLK)
1 1 213.19.162.80 26667 (RUBICONPR...)
1 1 52.87.48.29 14618 (AMAZON-AES)
2 104.36.115.114 62713 (AS-PUBMATIC)
10 10 64.74.236.223 22075 (AS-OUTBRAIN)
7 7 184.50.205.90 16625 (AKAMAI-AS)
2 2 192.132.33.46 18568 (BIDTELLECT)
1 2 3.233.22.19 14618 (AMAZON-AES)
1 1 64.58.232.179 13649 (ASN-VINS)
1 64.58.232.177 13649 (ASN-VINS)
1 1 2600:1901:0:8... 15169 (GOOGLE)
11 172.66.41.9 13335 (CLOUDFLAR...)
1 172.66.42.247 13335 (CLOUDFLAR...)
1 2600:1f18:612... 14618 (AMAZON-AES)
10 2607:f8b0:400... 15169 (GOOGLE)
12 2600:1400:d:5... 20940 (AKAMAI-ASN1)
2 146.20.132.105 27357 (RACKSPACE)
9 34.117.228.201 15169 (GOOGLE)
1 2 23.195.109.72 16625 (AKAMAI-AS)
2 23.41.168.202 16625 (AKAMAI-AS)
8 142.251.41.2 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 1 2a04:4e42::300 54113 (FASTLY)
1 151.101.65.44 54113 (FASTLY)
1 1 139.162.78.222 63949 (LINODE-AP...)
1 1 23.88.75.188 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
1 1 45.35.192.162 40676 (AS40676)
1 1 34.102.253.54 15169 (GOOGLE)
2 2 159.65.196.12 14061 (DIGITALOC...)
1 35.174.252.253 14618 (AMAZON-AES)
9 204.154.110.75 36062 (DOUBLE-VE...)
2 2 35.227.252.103 15169 (GOOGLE)
1 34.120.155.137 15169 (GOOGLE)
4 52.73.153.177 14618 (AMAZON-AES)
1 44.239.145.70 16509 (AMAZON-02)
2 151.101.193.108 54113 (FASTLY)
7 7 67.202.105.23 32748 (STEADFAST)
1 2 67.202.105.31 32748 (STEADFAST)
28 23.52.167.93 16625 (AKAMAI-AS)
1 104.17.120.107 13335 (CLOUDFLAR...)
5 5 147.75.61.140 54825 (PACKET)
1 1 8.28.7.82 62713 (AS-PUBMATIC)
7 8 107.178.246.49 15169 (GOOGLE)
3 3 34.102.163.6 15169 (GOOGLE)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 104.18.102.194 13335 (CLOUDFLAR...)
3 3 35.211.141.197 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
5 35.190.90.30 15169 (GOOGLE)
4 4 199.38.167.128 54312 (ROCKETFUEL)
2 2 204.62.13.72 46636 (NATCOWEB)
4 4 35.207.24.140 15169 (GOOGLE)
2 2 35.174.6.234 14618 (AMAZON-AES)
2 2 185.184.10.30 203690 (RTB-HOUSE...)
1 34.75.235.219 396982 (GOOGLE-PR...)
2 2 198.24.170.53 19437 (SS-ASH)
1 34.75.117.5 396982 (GOOGLE-PR...)
1 1 34.239.68.79 14618 (AMAZON-AES)
5 34.117.239.71 15169 (GOOGLE)
4 51.161.118.168 16276 (OVH)
1 1 54.213.43.45 16509 (AMAZON-02)
1 1 38.100.136.209 174 (COGENT-174)
1 1 107.21.202.31 14618 (AMAZON-AES)
3 3 199.127.207.184 26120 (RHYTHMONE)
3 3 2600:1f18:1c9... 14618 (AMAZON-AES)
3 3 34.198.26.56 14618 (AMAZON-AES)
3 6 34.217.165.61 16509 (AMAZON-02)
3 6 35.173.82.50 14618 (AMAZON-AES)
1 2 34.96.105.8 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 1 104.17.119.107 13335 (CLOUDFLAR...)
1 1 35.190.118.189 15169 (GOOGLE)
3 3 18.234.22.74 14618 (AMAZON-AES)
1 1 18.204.86.180 14618 (AMAZON-AES)
1 1 52.86.150.190 14618 (AMAZON-AES)
3 141.226.224.48 200478 (TABOOLA-AS)
1 2 34.98.64.218 15169 (GOOGLE)
2 2600:1f18:612... 14618 (AMAZON-AES)
1 63.251.28.218 ()
3 3.140.161.36 ()
3 2600:9000:210... ()
1 8 3.221.253.192 ()
2 34.233.75.183 ()
2 2001:4998:14:... ()
8 44.196.174.17 ()
2 18.218.141.222 ()
3 3.20.211.8 ()
3 142.250.65.226 ()
1 35.173.146.224 ()
1035 149
2    205.139.111.117 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: us-api.mimecast.com
protect-us.mimecast.com
1    2606:4700::6812:260 (United States)

ASN13335 (CLOUDFLARENET, US)
t.sidekickopen07.com
3    104.20.59.209 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bleepingcomputer.com
5    2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
32    104.26.12.6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bleepstatic.com
7    2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
1    2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
9    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
53    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.co.uk
7    23.208.216.126 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-126.deploy.static.akamaitechnologies.com
s9.addthis.com
v1.addthisedge.com
m.addthis.com
s7.addthis.com
api-public.addthis.com
1    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
19    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
img.connatix.com
cks.connatix.com
ck.connatix.com
1    13.225.63.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-8.ewr53.r.cloudfront.net
ecdn.analysis.fi
2    13.225.214.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-111.ewr50.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
6    2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
17    35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com
d.pub.network
c.pub.network
4    142.250.65.230 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net
ad.doubleclick.net
1    23.52.162.190 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
5    23.52.163.40 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
29    2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
2    2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    13.225.214.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-24.ewr50.r.cloudfront.net
sb.scorecardresearch.com
1    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
partner.googleadservices.com
12    2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
20    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:3039::6815:c076 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
35    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
23    18.216.166.79 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-216-166-79.us-east-2.compute.amazonaws.com
capi.connatix.com
2    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
www.reddit.com
21    142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
vid.connatix.com
8    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
11    54.236.195.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-195-76.compute-1.amazonaws.com
match.prod.bidr.io
17    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
8    68.67.179.164 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
10    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
9    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    207.198.113.176 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
122    2600:1f18:612b:4232:e16:c052:477e:6871 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
connatix-supply-partners.tremorhub.com
partners.tremorhub.com
amobee-partners.tremorhub.com
brightroll-partners.tremorhub.com
google.partners.tremorhub.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
freestar-d.openx.net
u.openx.net
connatix-d.openx.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    35.227.238.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.238.227.35.bc.googleusercontent.com
api.floors.dev
5    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
36    2607:f8b0:4006:823::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    54.192.160.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-160-42.ewr53.r.cloudfront.net
c.amazon-adsystem.com
15    54.230.162.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-7.ewr53.r.cloudfront.net
tagan.adlightning.com
51    2607:f8b0:4006:820::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
21    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
39    142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
cm.g.doubleclick.net
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
4    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    72.251.232.228 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    52.5.154.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-154-197.compute-1.amazonaws.com
pm.w55c.net
4    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
4    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
6    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    23.219.95.182 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-95-182.deploy.static.akamaitechnologies.com
px.owneriq.net
1    38.27.122.158 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    3.213.98.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-98-115.compute-1.amazonaws.com
usermatch.krxd.net
12    54.209.75.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-75-74.compute-1.amazonaws.com
beacon.krxd.net
10    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
5    52.116.221.248 (United States)

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com
um.simpli.fi
6    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
8    2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
18    68.67.179.91 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    18.235.169.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-169-84.compute-1.amazonaws.com
rtb.adentifi.com
10    2606:ae80:1451:21::410 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
amazon-tam-match.dotomi.com
casale-match.dotomi.com
medianet-match.dotomi.com
districtm-match.dotomi.com
33across-match.dotomi.com
tremor-match.dotomi.com
2    52.203.60.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-60-58.compute-1.amazonaws.com
sync.ipredictive.com
7    2620:116:800b:21:44af:4f54:8af4:5563 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
secure.quantserve.com
cms.quantserve.com
2    204.2.255.233 (United States)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
pmp.mxptint.net
29    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    13.225.205.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-205-105.ewr50.r.cloudfront.net
dggaenaawxe8z.cloudfront.net
1    23.52.162.163 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-163.deploy.static.akamaitechnologies.com
s.ntv.io
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
4    104.36.115.98 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    34.235.17.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-17-126.compute-1.amazonaws.com
c.deployads.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
24    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
13    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
12    23.20.59.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-59-139.compute-1.amazonaws.com
btlr.sharethrough.com
2    35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
2    23.39.175.77 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-175-77.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    18.213.33.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-33-211.compute-1.amazonaws.com
tlx.3lift.com
5    18.209.253.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-253-24.compute-1.amazonaws.com
ads.yieldmo.com
2    2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2600:9000:21dd:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
2    34.193.183.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-183-147.compute-1.amazonaws.com
uat5-a.investingchannel.com
2    18.209.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com
jadserve.postrelease.com
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    23.73.249.203 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-249-203.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
15    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    51.89.20.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p18.id5-sync.com
id5-sync.com
2    2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
1    34.231.139.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-139-54.compute-1.amazonaws.com
hb.emxdgt.com
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
11    3.65.17.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-17-160.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    52.0.188.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-188-249.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
1    20.72.149.136 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
3    63.251.114.136 (United States)

ASN12181 (INTERNAP-2BLK, US)
ap.lijit.com
17    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
6    2606:ae80:1451:17::1460 (United States)

ASN25751 (VALUECLICK, US)
direct.ad.cpe.dotomi.com
2    54.208.114.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-114-40.compute-1.amazonaws.com
t.pswec.com
3    52.86.210.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-210-192.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
5    23.92.190.74 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
1    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    52.87.48.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-48-29.compute-1.amazonaws.com
aorta.clickagy.com
2    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
10    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
7    184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com
stags.bluekai.com
e.dlx.addthis.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    3.233.22.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com
ps.eyeota.net
1    64.58.232.179 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    64.58.232.177 (United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net
ib.mookie1.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
11    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3002.infolinks.com
1    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3002.infolinks.com
1    2600:1f18:612b:4216:e715:23fc:28e9:ce6e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
slckg-kqe2e.ads.tremorhub.com
10    2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
12    2600:1400:d:598::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    146.20.132.105 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
9    34.117.228.201 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 201.228.117.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
2    23.195.109.72 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-109-72.deploy.static.akamaitechnologies.com
sync.teads.tv
2    23.41.168.202 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-202.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
8    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2600:141b:13::17d7:8222 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    139.162.78.222 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com
gocm.c.appier.net
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    35.174.252.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-252-253.compute-1.amazonaws.com
rtb.gumgum.com
9    204.154.110.75 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-phlb105.doubleverify.com
tps.doubleverify.com
tpsc-nyc.doubleverify.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
4    52.73.153.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-153-177.compute-1.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
1    44.239.145.70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-145-70.us-west-2.compute.amazonaws.com
id.sharedid.org
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
7    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
28    23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com
contextual.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
5    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
8    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
3    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
3    35.211.141.197 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
4    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    35.174.6.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-6-234.compute-1.amazonaws.com
ads.avct.cloud
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    34.75.235.219 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 219.235.75.34.bc.googleusercontent.com
dmx.us-east-32.districtm.io
2    198.24.170.53 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
1    34.75.117.5 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 5.117.75.34.bc.googleusercontent.com
dmx.us-east-31.districtm.io
1    34.239.68.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-68-79.compute-1.amazonaws.com
cms-xch.33across.com
5    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
4    51.161.118.168 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns571817.ip-51-161-118.net
gu.dyntrk.com
1    54.213.43.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-43-45.us-west-2.compute.amazonaws.com
dmp.brand-display.com
1    38.100.136.209 (Woodbridge, United States)

ASN174 (COGENT-174, US)
retargeting.bksn.se
1    107.21.202.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-202-31.compute-1.amazonaws.com
i.w55c.net
3    199.127.207.184 (United States)

ASN26120 (RHYTHMONE, US)
dt.videohub.tv
3    2600:1f18:1c96:4103:4770:1339:6dc2:c345 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
3    34.198.26.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-26-56.compute-1.amazonaws.com
vop.sundaysky.com
6    34.217.165.61 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-165-61.us-west-2.compute.amazonaws.com
dpm.demdex.net
6    35.173.82.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-82-50.compute-1.amazonaws.com
sync.bfmio.com
2    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)
x.mdhv.io
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
cookie.brealtime.com
1    35.190.118.189 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 189.118.190.35.bc.googleusercontent.com
telaria.adhaven.com
3    18.234.22.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-22-74.compute-1.amazonaws.com
nep.advangelists.com
1    18.204.86.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-86-180.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    52.86.150.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-150-190.compute-1.amazonaws.com
sync.extend.tv
3    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
connatix-d.openx.net
2    2600:1f18:612b:4264:5d9:11f2:8a3:eea6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
slckg-2p3vy.ads.tremorhub.com
1    63.251.28.218 (None, )

ASN- ()
ads.stickyadstv.com
3    3.140.161.36 (None, )

ASN- ()
vid.springserve.com
3    2600:9000:210b:6a00:15:6f6c:b180:93a1 (None, )

ASN- ()
vpaid.springserve.com
8    3.221.253.192 (None, )

ASN- ()
ads.adaptv.advertising.com
2    34.233.75.183 (None, )

ASN- ()
acds.prod.vidible.tv
2    2001:4998:14:800::1001 (None, )

ASN- ()
cdn-ssl.vidible.tv
8    44.196.174.17 (None, )

ASN- ()
trk.vidible.tv
2    18.218.141.222 (None, )

ASN- ()
bc-ssb-cle.springserve.com
3    3.20.211.8 (None, )

ASN- ()
vid-io-cle.springserve.com
3    142.250.65.226 (None, )

ASN- ()
ade.googlesyndication.com
1    35.173.146.224 (None, )

ASN- ()
ads-ec.v.ssp.yahoo.com
Apex Domain
Subdomains		 Transfer
125 tremorhub.com
connatix-supply-partners.tremorhub.com
slckg-kqe2e.ads.tremorhub.com
partners.tremorhub.com
amobee-partners.tremorhub.com
brightroll-partners.tremorhub.com
google.partners.tremorhub.com
slckg-2p3vy.ads.tremorhub.com
73 KB
108 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
ade.googlesyndication.com
1 MB
99 doubleclick.net
ad.doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
googleads4.g.doubleclick.net
443 KB
56 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
hbopenbid.pubmatic.com
simage4.pubmatic.com
aktrack.pubmatic.com
image8.pubmatic.com
172 KB
43 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
cks.connatix.com
ck.connatix.com
496 KB
36 2mdn.net
s0.2mdn.net
794 KB
32 casalemedia.com
ssum.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
57 KB
32 bleepstatic.com
www.bleepstatic.com
604 KB
31 bidswitch.net
x.bidswitch.net
grid.bidswitch.net
13 KB
30 doubleverify.com
cdn.doubleverify.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
tps.doubleverify.com
tpsc-nyc.doubleverify.com
370 KB
30 media.net
prebid.media.net
contextual.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
77 KB
29 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
fastlane.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
56 KB
28 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
c2shb.ssp.yahoo.com
ads-ec.v.ssp.yahoo.com
11 KB
28 adnxs.com
secure.adnxs.com
ib.adnxs.com
acdn.adnxs.com
77 KB
26 districtm.io
dmx.districtm.io
cdn.districtm.io
dmx.us-east-32.districtm.io
dmx.us-east-31.districtm.io
10 KB
24 pub.network
a.pub.network
d.pub.network
c.pub.network
364 KB
23 sharethrough.com
btlr.sharethrough.com Failed
match.sharethrough.com
5 KB
22 krxd.net
usermatch.krxd.net
beacon.krxd.net
cdn.krxd.net
consumer.krxd.net
180 KB
21 google.com
www.google.com
adservice.google.com
3 KB
20 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
56 KB
20 googletagservices.com
www.googletagservices.com
565 KB
19 3lift.com
tlx.3lift.com
eb2.3lift.com
7 KB
17 adsrvr.org
match.adsrvr.org
10 KB
16 dotomi.com
pubmatic-match.dotomi.com
amazon-tam-match.dotomi.com
direct.ad.cpe.dotomi.com
casale-match.dotomi.com
medianet-match.dotomi.com
districtm-match.dotomi.com
33across-match.dotomi.com
tremor-match.dotomi.com
5 KB
15 adlightning.com
tagan.adlightning.com
367 KB
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
152 KB
14 33across.com
ssc.33across.com
ssc-cms.33across.com
cms-xch.33across.com
cms-xch-chicago.33across.com
5 KB
13 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
1 MB
12 vidible.tv
acds.prod.vidible.tv
cdn-ssl.vidible.tv
trk.vidible.tv
221 KB
12 infolinks.com
resources.infolinks.com
router.infolinks.com
rt3002.infolinks.com
363 KB
12 openx.net
us-u.openx.net
freestar-d.openx.net
rtb.openx.net
u.openx.net
connatix-d.openx.net
2 KB
11 springserve.com
vid.springserve.com
vpaid.springserve.com
bc-ssb-cle.springserve.com
vid-io-cle.springserve.com
267 KB
11 bidr.io
match.prod.bidr.io
4 KB
10 ampproject.org
cdn.ampproject.org
204 KB
10 zemanta.com
b1sync.zemanta.com
7 KB
10 mathtag.com
sync.mathtag.com
6 KB
9 criteo.com
dis.criteo.com
gum.criteo.com
mug.criteo.com
3 KB
8 advertising.com
ads.adaptv.advertising.com
5 KB
8 tapad.com
pixel.tapad.com
3 KB
8 lijit.com
ap.lijit.com
ce.lijit.com
9 KB
8 rlcdn.com
idsync.rlcdn.com
id.rlcdn.com
api.rlcdn.com
1 KB
8 sitescout.com
pixel-sync.sitescout.com
2 KB
7 yieldmo.com
ads.yieldmo.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
3 KB
7 deployads.com
c.deployads.com
3 KB
7 quantserve.com
pixel.quantserve.com
secure.quantserve.com
cms.quantserve.com
12 KB
7 addthis.com
s9.addthis.com
m.addthis.com
s7.addthis.com Failed
api-public.addthis.com
e.dlx.addthis.com
220 KB
6 bfmio.com
sync.bfmio.com
3 KB
6 demdex.net
dpm.demdex.net
6 KB
6 mookie1.com
ib.mookie1.com
odr.mookie1.com
3 KB
6 bluekai.com
stags.bluekai.com
5 KB
6 everesttech.net
sync-tm.everesttech.net
1 KB
6 turn.com
ad.turn.com
3 KB
5 a-mo.net
prebid.a-mo.net
2 KB
5 crwdcntrl.net
id.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
2 KB
5 taboola.com
trc.taboola.com
match.taboola.com
sync.taboola.com
1 KB
5 id5-sync.com
cdn.id5-sync.com
id5-sync.com
15 KB
5 simpli.fi
um.simpli.fi
2 KB
5 w55c.net
pm.w55c.net
i.w55c.net
4 KB
5 adform.net
c1.adform.net
2 KB
5 indexww.com
js-sec.indexww.com
4 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 moatads.com
z.moatads.com
px.moatads.com
89 KB
4 dyntrk.com
gu.dyntrk.com
860 B
4 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
4 rfihub.com
p.rfihub.com
3 KB
4 adsymptotic.com
p.adsymptotic.com
923 B
4 linkedin.com
px.ads.linkedin.com
1 KB
4 adentifi.com
rtb.adentifi.com
352 B
4 1rx.io
sync.1rx.io
3 KB
4 acuityplatform.com
ums.acuityplatform.com
3 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
3 KB
4 deepintent.com
match.deepintent.com
672 B
3 advangelists.com
nep.advangelists.com
558 B
3 mdhv.io
x.mdhv.io
649 B
3 sundaysky.com
vop.sundaysky.com
1 KB
3 tidaltv.com
sync.tidaltv.com
1 KB
3 videohub.tv
dt.videohub.tv
2 KB
3 fg8dgt.com
m.fg8dgt.com
860 B
3 mrtnsvr.com
ad.mrtnsvr.com
586 B
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com
953 B
3 adgrx.com
cm.adgrx.com
2 KB
3 contextweb.com
bh.contextweb.com
2 KB
3 google.co.uk
adservice.google.co.uk
1 KB
3 bleepingcomputer.com
www.bleepingcomputer.com
17 KB
2 blismedia.com
tr.blismedia.com
322 B
2 cpmstar.com
server.cpmstar.com
1 KB
2 creativecdn.com
us.creativecdn.com
697 B
2 avct.cloud
ads.avct.cloud
894 B
2 admixer.net
inv-nets.admixer.net
1 KB
2 bing.com
c.bing.com
928 B
2 brealtime.com
biddr.brealtime.com
cookie.brealtime.com
2 KB
2 tynt.com
de.tynt.com
3 KB
2 bidtheatre.com
match.adsby.bidtheatre.com
1000 B
2 createjs.com
code.createjs.com
125 KB
2 teads.tv
sync.teads.tv
637 B
2 lkqd.net
cs.lkqd.net
617 B
2 eyeota.net
ps.eyeota.net
1 KB
2 bttrack.com
bttrack.com
1 KB
2 pswec.com
t.pswec.com
1 KB
2 postrelease.com
jadserve.postrelease.com
1 KB
2 investingchannel.com
uat5-a.investingchannel.com
455 B
2 admedo.com
pool.admedo.com
715 B
2 mxptint.net
pmp.mxptint.net
965 B
2 ipredictive.com
sync.ipredictive.com
989 B
2 pippio.com
pippio.com
854 B
2 owneriq.net
px.owneriq.net
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 inmobi.com
mweb.ck.inmobi.com
sync.inmobi.com
1 KB
2 stackadapt.com
sync.srv.stackadapt.com
881 B
2 floors.dev
api.floors.dev
4 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 reddit.com
www.reddit.com
4 KB
2 btloader.com
btloader.com
api.btloader.com
28 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 firstimpression.io
ecdn.firstimpression.io
cdn.firstimpression.io
100 KB
2 mimecast.com
protect-us.mimecast.com
3 KB
1 stickyadstv.com
ads.stickyadstv.com
545 B
1 extend.tv
sync.extend.tv
518 B
1 adhaven.com
telaria.adhaven.com
237 B
1 bksn.se
retargeting.bksn.se
560 B
1 brand-display.com
dmp.brand-display.com
338 B
1 sharedid.org
id.sharedid.org
220 B
1 gumgum.com
rtb.gumgum.com
209 B
1 playground.xyz
ads.playground.xyz
467 B
1 resetdigital.co
sync.resetdigital.co
485 B
1 iprom.net
core.iprom.net
279 B
1 loopme.me
csync.loopme.me
217 B
1 appier.net
gocm.c.appier.net
395 B
1 pro-market.net
fei.pro-market.net
324 B
1 ib-ibi.com
global.ib-ibi.com
489 B
1 clickagy.com
aorta.clickagy.com
936 B
1 emxdgt.com
hb.emxdgt.com
165 B
1 fastclick.net
secure.cdn.fastclick.net
17 KB
1 quantcount.com
rules.quantcount.com
1 KB
1 ntv.io
s.ntv.io
114 KB
1 cloudfront.net
dggaenaawxe8z.cloudfront.net
3 KB
1 bnmla.com
match.bnmla.com
114 B
1 technoratimedia.com
sync.technoratimedia.com
800 B
1 smartadserver.com
rtb-csync.smartadserver.com
763 B
1 ad-delivery.net
ad-delivery.net
944 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com
543 B
1 pghub.io
pghub.io
4 KB
1 googleadservices.com
partner.googleadservices.com
650 B
1 addthisedge.com
v1.addthisedge.com
855 B
1 outbrain.com
widgets.outbrain.com
3 KB
1 analysis.fi
ecdn.analysis.fi
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 sidekickopen07.com
t.sidekickopen07.com
608 B
1035 149
Domain Requested by
118 partners.tremorhub.com 1 redirects cd.connatix.com
52 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
srcdoc
googleads.g.doubleclick.net
www.googletagservices.com
tagan.adlightning.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
blank
tpc.googlesyndication.com
imasdk.googleapis.com
51 tpc.googlesyndication.com googleads.g.doubleclick.net
www.bleepingcomputer.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
tagan.adlightning.com
cdn.ampproject.org
tpc.googlesyndication.com
pagead2.googlesyndication.com
vpaid.springserve.com
39 cm.g.doubleclick.net 23 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
eb2.3lift.com
36 s0.2mdn.net imasdk.googleapis.com
tagan.adlightning.com
googleads.g.doubleclick.net
s0.2mdn.net
www.bleepingcomputer.com
code.createjs.com
32 www.bleepstatic.com www.bleepingcomputer.com
www.bleepstatic.com
29 x.bidswitch.net 28 redirects www.bleepingcomputer.com
27 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
tagan.adlightning.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
23 capi.connatix.com cd.connatix.com
ads.pubmatic.com
eus.rubiconproject.com
21 simage2.pubmatic.com 2 redirects ads.pubmatic.com
20 contextual.media.net a.pub.network
contextual.media.net
20 dmx.districtm.io a.pub.network
cdn.districtm.io
www.bleepingcomputer.com
20 www.googletagservices.com a.pub.network
googleads.g.doubleclick.net
tagan.adlightning.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
www.bleepingcomputer.com
19 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
18 ib.adnxs.com 6 redirects a.pub.network
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
acdn.adnxs.com
vpaid.springserve.com
17 eb2.3lift.com 4 redirects a.pub.network
eb2.3lift.com
17 match.adsrvr.org 16 redirects a.pub.network
15 s.amazon-adsystem.com 1 redirects tagan.adlightning.com
s.amazon-adsystem.com
eus.rubiconproject.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
ap.lijit.com
match.sharethrough.com
eb2.3lift.com
15 tagan.adlightning.com a.pub.network
tagan.adlightning.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
13 c2shb.ssp.yahoo.com a.pub.network
13 securepubads.g.doubleclick.net www.googletagservices.com
cd.connatix.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
12 cdn.doubleverify.com tagan.adlightning.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
12 btlr.sharethrough.com a.pub.network
12 beacon.krxd.net ads.pubmatic.com
www.bleepingcomputer.com
cdn.krxd.net
12 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
tagan.adlightning.com
11 match.sharethrough.com 6 redirects s.amazon-adsystem.com
match.sharethrough.com
11 match.prod.bidr.io 11 redirects
10 cdn.ampproject.org www.bleepingcomputer.com
10 b1sync.zemanta.com 10 redirects
10 c.pub.network a.pub.network
10 sync.mathtag.com 10 redirects
9 image2.pubmatic.com ads.pubmatic.com
9 ads.pubmatic.com cd.connatix.com
ads.pubmatic.com
s.amazon-adsystem.com
www.bleepingcomputer.com
a.pub.network
de.tynt.com
9 www.gstatic.com www.bleepingcomputer.com
googleads.g.doubleclick.net
9 www.google.com 3 redirects www.bleepingcomputer.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
tagan.adlightning.com
8 trk.vidible.tv
8 ads.adaptv.advertising.com 1 redirects vpaid.springserve.com
cdn-ssl.vidible.tv
8 pixel.tapad.com 7 redirects resources.infolinks.com
8 googleads4.g.doubleclick.net www.bleepingcomputer.com
googleads.g.doubleclick.net
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 pr-bh.ybp.yahoo.com 4 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
8 pixel-sync.sitescout.com 8 redirects
8 eus.rubiconproject.com cd.connatix.com
eus.rubiconproject.com
s.amazon-adsystem.com
a.pub.network
de.tynt.com
8 secure.adnxs.com 8 redirects
8 cks.connatix.com www.bleepingcomputer.com
8 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
tagan.adlightning.com
www.bleepingcomputer.com
7 ssc-cms.33across.com 7 redirects
7 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
7 c.deployads.com a.pub.network
www.bleepingcomputer.com
7 img.connatix.com www.bleepingcomputer.com
7 d.pub.network a.pub.network
7 a.pub.network www.bleepingcomputer.com
a.pub.network
tagan.adlightning.com
6 tpsc-nyc.doubleverify.com cdn.doubleverify.com
6 sync.bfmio.com 3 redirects
6 dpm.demdex.net 3 redirects
6 rtbc-ue1.doubleverify.com cdn.doubleverify.com
6 resources.infolinks.com tagan.adlightning.com
resources.infolinks.com
6 stags.bluekai.com 6 redirects
6 direct.ad.cpe.dotomi.com cd.connatix.com
6 cdn.krxd.net www.bleepingcomputer.com
cdn.krxd.net
tagan.adlightning.com
6 ups.analytics.yahoo.com 6 redirects
6 sync-tm.everesttech.net 6 redirects
6 ad.turn.com 6 redirects
6 fonts.gstatic.com fonts.googleapis.com
5 cms-xch-chicago.33across.com de.tynt.com
eus.rubiconproject.com
5 odr.mookie1.com eb2.3lift.com
5 prebid.a-mo.net 5 redirects
5 ce.lijit.com ap.lijit.com
5 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 ads.yieldmo.com a.pub.network
sync-amz.ads.yieldmo.com
5 um.simpli.fi 5 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 js-sec.indexww.com a.pub.network
ssum-sec.casalemedia.com
5 sb.scorecardresearch.com 1 redirects a.pub.network
www.bleepingcomputer.com
5 fonts.googleapis.com www.bleepingcomputer.com
googleads.g.doubleclick.net
4 gu.dyntrk.com ssum-sec.casalemedia.com
4 rtb.mfadsrvr.com 4 redirects
4 cs.media.net contextual.media.net
4 p.rfihub.com 4 redirects
4 p.adsymptotic.com 2 redirects eb2.3lift.com
4 px.ads.linkedin.com 4 redirects
4 cdn.districtm.io a.pub.network
cdn.districtm.io
4 id5-sync.com 2 redirects cdn.id5-sync.com
www.bleepingcomputer.com
4 pixel-us-east.rubiconproject.com 4 redirects
4 hbopenbid.pubmatic.com a.pub.network
vpaid.springserve.com
4 gum.criteo.com 1 redirects contextual.media.net
4 pixel.quantserve.com 3 redirects www.bleepingcomputer.com
4 rtb.adentifi.com ads.pubmatic.com
4 idsync.rlcdn.com 2 redirects www.bleepingcomputer.com
4 sync.1rx.io 4 redirects
4 ums.acuityplatform.com 4 redirects
4 pm.w55c.net 4 redirects
4 match.deepintent.com ads.pubmatic.com
4 ad.doubleclick.net www.bleepingcomputer.com
tagan.adlightning.com
3 ade.googlesyndication.com
3 vid-io-cle.springserve.com vpaid.springserve.com
3 vpaid.springserve.com cd.connatix.com
www.bleepingcomputer.com
3 vid.springserve.com cd.connatix.com
vpaid.springserve.com
3 connatix-d.openx.net 1 redirects cd.connatix.com
3 sync.taboola.com
3 sync.crwdcntrl.net cd.connatix.com
3 nep.advangelists.com 3 redirects
3 x.mdhv.io
3 vop.sundaysky.com 3 redirects
3 sync.tidaltv.com 3 redirects
3 dt.videohub.tv 3 redirects
3 m.fg8dgt.com 3 redirects
3 ad.mrtnsvr.com 3 redirects
3 tps.doubleverify.com tagan.adlightning.com
3 rtb0.doubleverify.com tagan.adlightning.com
3 rt3002.infolinks.com resources.infolinks.com
tagan.adlightning.com
www.bleepingcomputer.com
3 router.infolinks.com resources.infolinks.com
tagan.adlightning.com
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 ap.lijit.com 2 redirects s.amazon-adsystem.com
3 id.rlcdn.com eus.rubiconproject.com
contextual.media.net
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 a.tribalfusion.com 3 redirects
3 cm.adgrx.com 3 redirects
3 dis.criteo.com 2 redirects ads.pubmatic.com
3 bh.contextweb.com 3 redirects
3 us-u.openx.net www.bleepingcomputer.com
googleads.g.doubleclick.net
3 ssum.casalemedia.com 3 redirects
3 adservice.google.co.uk pagead2.googlesyndication.com
tagan.adlightning.com
3 s7.addthis.com s9.addthis.com
3 z.moatads.com s9.addthis.com
cdn-ssl.vidible.tv
3 www.bleepingcomputer.com static.cloudflareinsights.com
2 bc-ssb-cle.springserve.com vpaid.springserve.com
2 px.moatads.com
2 cdn-ssl.vidible.tv acds.prod.vidible.tv
2 acds.prod.vidible.tv www.bleepingcomputer.com
2 slckg-2p3vy.ads.tremorhub.com cd.connatix.com
2 tr.blismedia.com 1 redirects
2 c21lg-d.media.net contextual.media.net
2 server.cpmstar.com 2 redirects
2 us.creativecdn.com 2 redirects
2 ads.avct.cloud 2 redirects
2 inv-nets.admixer.net 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 hbx.media.net contextual.media.net
2 c.bing.com eb2.3lift.com
2 u.openx.net a.pub.network
2 de.tynt.com 1 redirects a.pub.network
2 acdn.adnxs.com a.pub.network
2 rtb.openx.net 2 redirects
2 cms.quantserve.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 code.createjs.com s0.2mdn.net
2 aktrack.pubmatic.com www.bleepingcomputer.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 cs.lkqd.net googleads.g.doubleclick.net
2 ps.eyeota.net 1 redirects www.bleepingcomputer.com
2 bttrack.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 t.pswec.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 consumer.krxd.net cdn.krxd.net
2 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 jadserve.postrelease.com 1 redirects tagan.adlightning.com
2 uat5-a.investingchannel.com dggaenaawxe8z.cloudfront.net
2 fastlane.rubiconproject.com a.pub.network
2 tlx.3lift.com a.pub.network
2 htlb.casalemedia.com a.pub.network
2 grid.bidswitch.net a.pub.network
2 prebid.media.net a.pub.network
2 freestar-d.openx.net a.pub.network
2 mug.criteo.com www.bleepingcomputer.com
2 pool.admedo.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 usermatch.krxd.net 2 redirects
2 pippio.com 2 redirects
2 px.owneriq.net 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 api.floors.dev a.pub.network
2 sync.search.spotxchange.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 www.reddit.com s9.addthis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cds.connatix.com www.bleepingcomputer.com
cd.connatix.com
2 protect-us.mimecast.com 2 redirects
1 ads-ec.v.ssp.yahoo.com
1 ads.stickyadstv.com cd.connatix.com
1 google.partners.tremorhub.com
1 sync.extend.tv 1 redirects
1 bcp.crwdcntrl.net 1 redirects
1 telaria.adhaven.com 1 redirects
1 cookie.brealtime.com 1 redirects
1 brightroll-partners.tremorhub.com
1 i.w55c.net 1 redirects
1 amobee-partners.tremorhub.com
1 tremor-match.dotomi.com 1 redirects
1 retargeting.bksn.se 1 redirects
1 dmp.brand-display.com 1 redirects
1 33across-match.dotomi.com 1 redirects
1 cms-xch.33across.com 1 redirects
1 dmx.us-east-31.districtm.io www.bleepingcomputer.com
1 dmx.us-east-32.districtm.io www.bleepingcomputer.com
1 districtm-match.dotomi.com 1 redirects
1 image8.pubmatic.com 1 redirects
1 biddr.brealtime.com a.pub.network
1 id.sharedid.org a.pub.network
1 id.crwdcntrl.net a.pub.network
1 api.rlcdn.com a.pub.network
1 e.dlx.addthis.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 sync.resetdigital.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 slckg-kqe2e.ads.tremorhub.com cd.connatix.com
1 fei.pro-market.net 1 redirects
1 ib.mookie1.com www.bleepingcomputer.com
1 global.ib-ibi.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 casale-match.dotomi.com 1 redirects
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 sync.inmobi.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 hb.emxdgt.com a.pub.network
1 cdn.id5-sync.com tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 ck.connatix.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 ssc.33across.com a.pub.network
1 s.ntv.io a.pub.network
1 dggaenaawxe8z.cloudfront.net a.pub.network
1 secure.quantserve.com a.pub.network
1 match.bnmla.com ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 api.btloader.com freestar-io.videoplayerhub.com
1 connatix-supply-partners.tremorhub.com 1 redirects
1 vid.connatix.com cd.connatix.com
1 ad-delivery.net www.bleepingcomputer.com
1 api-public.addthis.com s9.addthis.com
1 btloader.com www.bleepingcomputer.com
1 freestar-io.videoplayerhub.com 1 redirects
1 pghub.io a.pub.network
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 m.addthis.com s9.addthis.com
1 v1.addthisedge.com s9.addthis.com
1 widgets.outbrain.com www.bleepingcomputer.com
1 ecdn.firstimpression.io www.bleepingcomputer.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 cd.connatix.com 1 redirects
1 static.cloudflareinsights.com www.bleepingcomputer.com
1 s9.addthis.com www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
1 t.sidekickopen07.com 1 redirects
1035 262
Subject Issuer Validity Valid
bleepingcomputer.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-16 -
2022-05-15		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-16 -
2022-06-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2021-03-17 -
2022-04-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-09 -
2022-02-16		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-05 -
2022-04-02		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2021-12-25 -
2022-03-25		 3 months crt.sh
api.floors.dev
GTS CA 1D4		 2021-12-18 -
2022-03-18		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.deployads.com
Amazon		 2021-06-03 -
2022-07-02		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.yieldmo.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
*.investingchannel.com
Go Daddy Secure Certificate Authority - G2		 2020-05-26 -
2022-06-01		 2 years crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
cdn.id5-sync.com
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.emxdgt.com
Amazon		 2021-07-03 -
2022-08-01		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.dyntrk.com
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-12-23 -
2022-03-23		 3 months crt.sh
x.mdhv.io
GTS CA 1D4		 2021-12-26 -
2022-03-26		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
*.springserve.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
acds.prod.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-11-16 -
2022-05-11		 6 months crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-06		 6 months crt.sh
trk.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-12-28 -
2022-06-22		 6 months crt.sh

This page contains 123 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Frame ID: B51B1312F1FF9FF6725F838AC314121D
Requests: 228 HTTP requests in this frame

Frame: https://cds.connatix.com/p/144267/connatix.playspace.js
Frame ID: 657E056339495F1996EDB6D7A38AC0B8
Requests: 205 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D7B033F8C63EAFE8FC4DC7789CE376AE
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C495110DE44A22DFF16F5EFA8A8AB1BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 7DB6AB47B9FEFD0AB0FF3ED1F36859B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Frame ID: 7DA96176F24DE2FE3FE8806573BCD683
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1631035003&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912175&bpp=1&bdt=587&idt=258&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=3472069565444&frm=20&pv=1&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=267
Frame ID: 82F08598A332FDB152F7C337D76B8A78
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Frame ID: 50899CC5E872FF726916172192B24320
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 2753F43E0116B25DE7D394C7A911E8C4
Requests: 23 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 973ECC98B6F4E21755AD69A7DC4AD546
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: EE17720F90A425D2973F0E63E08B5B56
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: E4A512C56AC548C49BF036237A841D9B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A593A1BEA8B2287732EC4E19F7778E4C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6976781286F0E1741C6E9D77A7A56A08
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 623B7129C73AA2218B192EA214FD6719
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54621527-E2AF-48B3-9A20-16DF7E99F819
Frame ID: 9DB5B3A4585E688E38C785F968DFCFDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&_test=YdWbcQADT-oI8wAm
Frame ID: 133CF5F86A786A9ECF5A277007BBB3AB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFt-E7DqzcAABFrhrnOiw
Frame ID: 7C7BB107D2A146899116081C3680BE68
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2CF4AD68F8723BB6D12160524FACB74B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 734E7950A5983770E241A7955E349D25
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=72db71b4-6e2a-11ec-b017-01e8582d969d
Frame ID: 60C651A9F6A0643BE481ADCF99C891A3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tzhAVoWfRqRKm_zjxtAwa1x3E0k
Frame ID: 0E678D2284701B5C8E1EC686FEF6D993
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:GI2D34ul1N56eJ5&gdpr=0&gdpr_consent=
Frame ID: A9E1C32C9C1F6565FEEC22A23DFA9A48
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2813B8EDBF8BA2FC6BC1F51B686AFB60
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7d00d6a9-384d-4a07-aea7-14a7f41eb807
Frame ID: 86D5D2944DFF4DDE53E20D5A00D5BB25
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=637414288351
Frame ID: 859E0561DBF0BB37D98E9067BCAAFFC5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
Frame ID: AB4069902BE995AAD8CFD3CADE35EDD4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6946753131882517221
Frame ID: E5FF39BCA7A127528516B894F2008A84
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 633DD8B75C32DF717729BEE0A2B81B18
Requests: 1 HTTP requests in this frame

Frame: https://capi.connatix.com/core/us?DemandPartner=2&UserId=ea5e916b51b048cabf316983e9db96c7&DemandPartnerName=Pubmatic&DemandPartnerUserId=54621527-E2AF-48B3-9A20-16DF7E99F819
Frame ID: D92ABEE0888229AAC2DA48FE67D6CB92
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&dcc=t
Frame ID: 73210B0141ADE4062031CB799BFEE66F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: CFD3093C6A1980416BF551CD450F44D8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: DE11D28769BCDA021F2114C12E864BEE
Requests: 13 HTTP requests in this frame

Frame: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 696A904E1F0A5D08E157606B266C4A3D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: E33753FA6EF95D5324FDD1F15461477E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 43F2E56A868336EA9439DCD77538AC77
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9D8BC172889D0450DB47C6EF50C86324
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 2FC326A176D98082A1D719B2CA733546
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 9509B7B8CF2527F757103AB1BE2A044E
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: AB78AD3D6585679DF70C9B43A0A69777
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 7BA19A8DC5FA229BD1774DD3A25AD473
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 81F128E2994C7298A569730C52C78D3E
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMODEfwsb9sgrJwCS0bbUl3uFFeujQMonvHWcZilA
Frame ID: 67725E01ACEF0B8D0D5B7E446DEF9744
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcecZSxvCFAN-AXXOAAAAAAA&expiration=1641475314&is_secure=true
Frame ID: C15C2B79E761BC0919C1EC9B8487B526
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 3C97C9711D8CAD30DCD7A06064AA9E0E
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=12724134863166359534
Frame ID: 71069FB00CE5E678EDE3FECE7CAADE74
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 451CFC081BF527C91D22EDCCB0E36AFC
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Frame ID: B949BF1B3D60AE6E2FB952BC9DBBCC9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A25D2FEAA5938860E1EC53C34BC281A
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Frame ID: E06F3CBD0E1AD80FCC1C68EDA83849EE
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Frame ID: 952DE21AAD8660F0DC776AD41EF19DE8
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F
Frame ID: 36699478C747396C445DE93F1C991A71
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Frame ID: 9CFFD3856B2C342A220C327897682098
Requests: 18 HTTP requests in this frame

Frame: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2D5AB2B8E7B37068DBF5EB3EC4059CD0
Requests: 28 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Frame ID: 6C9BAFC1DA2376B061A28DDDA3DABA86
Requests: 28 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Frame ID: C244D4A9EE42C76F4C968996342942CF
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Frame ID: EA6ECB507BB71477AFE5EDC01FACE5EF
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGILDyaIBMAE&v=APEucNVzIKsQsmCZVThDYGgXMNbBoTuDcnDnq2dPOoz4R3kKIemjV5yLdoDUvziCZCDJeUmAuESAQU62k-cu5T5_so98daDkTg
Frame ID: 6A95D871648ED56BF74D46B00B7B06DB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNU-GQE6OYph2gK89bhLlIyv2LTxVwC0Vl1V_PsUtkPxamjLB6YqED5XxuCGYMfpFynecNyjk--zomejLpuPpg0RMp8btA
Frame ID: 21F897D4A70AE173BB085D1C297F9044
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNWdBGOCBoyfIH7qUsKJ-OF8wFB-Z-LN3HwjbRKnzm8PZPTrPuYXNU9E0F-wKPMrfhP_QOS5Dw3fC4ZESgNeP727PolW9A
Frame ID: A267EC95FFFF1072D669C8D05A31F097
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: A103588D3D5FBE6F3241817D4B13ED46
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 525492F8522EB1C58D9097CEBF4ED0AF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6ADC5708E8EF6B706B83E9F6BCA43381
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B9E2BA90CE42280E57AD65F5C223DB9F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Frame ID: 646B47EF876D643689AAA8CE0AD79B60
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4B2E8114C796ABB267FDBBA837FF8F86
Requests: 7 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.552466&kaxefact=0.552466&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1641388914&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.581543&dcId=2&tldId=59673386&passback=0&svr=BID88404U&adsver=_27888023&adsabzcid=0&cls=BID&ekefact=cpvVYWi8CwD8mX3UNwZiJ4fYC5IBw99tmNuQXzMb81oOWu7g&ekaxefact=cpvVYXi8CwCdeBnVbVF9HpVHx2qjz6TE6aTytYRfrqCUbkgr&ekpbmtpfact=cpvVYYW8CwBLuMDjV1DD1aApkoMMbmxSadV3fOjXefupJ-PO&enpp=cpvVYZC8CwBwZB-EIKxjv1w7qS17IC70CooAS2ZOfiW72_Si&pfi=1&domId=7543222089094626466&dc=NYC3&pubBuyId=2866&crID=340943234&lpu=norton.com&ucrid=15079233382529498178&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=200637&wDspId=80&wbId=9&wrId=0&wAdvID=4502&wDspCampId=15627445824&isRTB=1&rtbId=8A3ABEA7-9990-4083-9186-3F8A76B69D77&imprId=F32CBB80-F3E5-49BF-8700-753BED3EE9E4&oid=F32CBB80-F3E5-49BF-8700-753BED3EE9E4&cntryId=232&domain=bleepingcomputer.com&sec=1&pAuSt=3&wops=0&sURL=bleepingcomputer.com&BrID=5
Frame ID: 67B9F8B1DBAEDDDF5D10BC5D4298C3BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8E3F1640C67FB0D5FC4AAA36F67D9265
Requests: 2 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.552466&kaxefact=0.552466&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1641388914&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.581543&dcId=2&tldId=59673386&passback=0&svr=BID88963U&adsver=_27888023&adsabzcid=0&cls=BID&ekefact=cpvVYUjkCgDpqcbc0Y0pWGE51vQpQ_0SvTD6_19RiRqXuzZJ&ekaxefact=cpvVYVLkCgB9MlhmH7c02rc5A1Ap0OIFQ7ux-mRsksf6o3VR&ekpbmtpfact=cpvVYVvkCgA1ImyDV0kcZ-gam_JLvAwNMhWi4QVWoYmpUfAs&enpp=cpvVYWTkCgCyPGcEKzYK7frQF1C3ZXAKtXqmXx8rzD7Gf1in&pfi=1&domId=7543222089094626466&dc=NYC3&pubBuyId=2866&crID=340916778&lpu=norton.com&ucrid=14207779116381661102&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=200637&wDspId=80&wbId=7&wrId=0&wAdvID=4502&wDspCampId=15627445824&isRTB=1&rtbId=B01DB8A8-C0C0-4BAD-8A43-BAD2849EB6E0&imprId=ACCD3783-1E2E-42F0-AC10-10B19CAAA3D4&oid=ACCD3783-1E2E-42F0-AC10-10B19CAAA3D4&cntryId=232&domain=bleepingcomputer.com&sec=1&pAuSt=3&wops=0&sURL=bleepingcomputer.com&BrID=5
Frame ID: 99D1E544F4A141FFC975AC9ED746B902
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9207558426631077888/index.html
Frame ID: 0AFA733FD2A9AEA7EE7F6C365B24160A
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
Frame ID: D676985FAD0CA5B2F0F96C94694931D5
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiP--vQIYmsmRvQEwAQ&v=APEucNXT1HQbnSoPc6X4DMVFIiNokqRp8hShF05iK3krlSRxFakuKTMenK8COvEMK_iqlAx90vSSUYvXjTZ17V_sfsWthRiBqA
Frame ID: 58541AFEB55254E305BFCAD9C46A77AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7E414A1A21A2EFAC940234DC4FA11D99
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 88C6221D75C20B83FA5CC412429C7CBF
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1971.js
Frame ID: B6F9781F2D8A8C6FDAD80398DC0FC2C7
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1971.js
Frame ID: D337A679AB1C99A43F8335F94958F37F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C098CD55EF153322B49A329046FF2B66
Requests: 9 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=54621527-E2AF-48B3-9A20-16DF7E99F819
Frame ID: 18772C194464A31D36E0191CA51108D7
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=487b72e9-62a0-4f89-82a4-418d3a136cec-tuct8cf20f7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 75E65C539034236877101C22491DB6C7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=ToEixhi6CXGO6ehfeJvVYQ
Frame ID: B9ED734D132879CA056FE21384E88130
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: BF385679F08D1E8F5311ECD64A38BCAF
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 2328CF2FFABCF6B0D497F7FCD44A8FC9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
Frame ID: 39ECCAA839389A42DFD252D4FCE790FC
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
Frame ID: 15C95ACE341B0AE4BD4F9768DE2AA1BF
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 33BB0E1A91B3EF58F5B16669698C29E0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F18AD91ABE2029F19FB7546B14AA620C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1971.js
Frame ID: 3A365782A900758D8373597142097902
Requests: 4 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: FCA282FC709CCFC3F6A57882A28EEE2D
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D47E7FFB480D2BB31EFD8114BA78BCBD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C57D31520A0B9551BFBE872EC2AB9225
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A6C798034F17E3BE5A810304CBC6CA7F
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DC0063EE3B89CFF881B19A7E3BAA4BA3
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2A974DA7937991E75B826036DDCB192C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: E3902F7218440D0382DF23908FFAD356
Requests: 10 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: 224563384A5FAC465E22A2F19D5346F8
Requests: 5 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: D13B8246FB83F54FFDEA8F713B9BF16E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E5F17891A78C771F44F6647DC641C4DB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0FD4499761F45026A11BBBA41E6F8ADD
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 7C97C3E8B5CA195E02E5EF8A721EC2EA
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DB512EC8298344CA5754CB7C28C2A7DC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: DD901E79D4B0AC733E12A1E57D7326BC
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 3A3C3127F4434CEE5C2B2F9B6EC0B1B3
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 302B7FDA92570160FA4287DB7D6CE958
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: EEBFC72BB45E5631893F3E8196051222
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DFC13200193BAF4D335541CA76989546
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 52C7ECC08A8C76309B18791472A7D748
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889210892843905200759387000V10&ovsid=970033152809871230
Frame ID: 0DBFA54DC2B12109EFD7723524A42D33
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889211482843905200759387000V10&ovsid=979321822310490180
Frame ID: 3D45097FEF65FDF30745567902357EBE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 24266255ED7376AF3627AE74B64143B9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: E3622DE8F12A72E419CFA0EAAD555E7E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BBE75FDEBB24E9EE69314631F83EDEA3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45AB016F702170D6CFDEBFBB3231B330
Requests: 2 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: E02EAD014348111F7680F833D09F726F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3AE95303127ED79CA0BBE971C18101EA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A90C4633DE53EE913999602A3C4C4DB4
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 4A526CBA8DC843544D77A3CA4F4CCA05
Requests: 9 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=3e78453b-3c3f-45cd-bd28-a70393e1cef4&pblob=
Frame ID: 090B7AE0A183C9E129B34A8CA1966EE6
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 393BDC6BA13628DCA080A3416A2AD303
Requests: 10 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=c428117c-10e6-46ea-9df6-f4fa42b4d2b3&pblob=
Frame ID: AA86D57299E821B5737C82E372DCD687
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 52199786B3ECBB5D8D4B279A3303E752
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/7103/SMG_SpringServe/preroll/syndication_9%26description_url%3Dbleepingcomputer.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1641388934628%26ord%3D1641388934%26gdpr_consent%3D%26gdpr%3D%26channel%3Dvastadp
Frame ID: 6C735005A8F8B6C267FD3A6C336329E7
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: D96C819322325F51F8A609936615BC74
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9EF78D844A41C40EB6E954D2E6A263D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Synology warns of malware infecting NAS devices with ransomwareFacebookTwitterLinkedInRedditHacker NewsEmailFacebookTwitterLinkedInEmail

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/1YYgC5ywE5FMBrAkHOso1G?domain=t.sidekickopen07.com HTTP 307
    https://protect-us.mimecast.com/redirect/eNqtltly28YShl-FhYvchKRmX1THJ5ZpS4m12BSVwHKYYs1KwiIIGBhqS_kuT3IeLU-... HTTP 307
    https://t.sidekickopen07.com/s3t/c/5/f18dQhb0S7kF8bWqTfW1jlYPy59hl3kW7_k2841CX6NGW35Qwwr1Fpv7mW7s-thm68S8... HTTP 307
    https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

1035
Requests

79 %
HTTPS

20 %
IPv6

149
Domains

262
Subdomains

149
IPs

12
Countries

9310 kB
Transfer

25861 kB
Size

328
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/1YYgC5ywE5FMBrAkHOso1G?domain=t.sidekickopen07.com HTTP 307
    https://protect-us.mimecast.com/redirect/eNqtltly28YShl-FhYvchKRmX1THJ5ZpS4m12BSVwHKYYs1KwiIIGBhqS_kuT3IeLU-SBmjHlq2qc2NekJjpnp6eb7p_8M-scXXK9rPWVSmNY7VN7dPV1habFJqNSUW1Meuxq8psmK0rl-2jYdYEF4o6paIM2T4WDFOlhBIIdTaIRYaZScm4VbGJFYT-c_5xXIZNaufZ_u8wE4t1ODNlgOE8s5W_G6fbNM-G86xdGbybZZRE5rEPPFhljEaBEMuCcNRQTJgzykgt8KdVhIt-nfTeEx69iSJEJLGSyAXLHSHMWCQ4kpR4zAmhHkfFtVYhBO8ZcYEZZ10fr_S8D6YNoVR4zU0kITKrvWbIK0QZ985y3js3VZVm3zsBwHtxV-8ApQBw9uq1KTa70xb3nYEQiT8MH6W5SuVDmlEI6TSn3BknownWaMN1oBpo-hA915FEg8LXNEOEUzMhpeOEM-WFEYQqb3jknFpDeQjREGmYltFZaUw0Bo4sAsUhCq0e0IwsYEq4YV4gTQQFSNxqF4kUylJpHqP5fRL4liYQWn8JU3Glv4WZGrNpy6JtoRPG4dOKT1CRJJAH09ZZajhcctRcGhyJMQGq11jojIgl-xoqg3lOY7dceUUjhhIzXjttI7cCqh0RKgXT3iIciAGzdRHaIBgXDZPoIVQlsUWAyUtA6qGYhDSWIy0QBUaPQv0-CXwJtQxta5ZhvtdEpwgZtWlrbfBfEqaM6Q9_fAAp8QWISCc7v2xgVBcehITLYWZb8ILf2oDUZJNfZwcY0QPFwMn0_pNVcFe_np_sJuBOYO7AORi2pWlXMAocEnXKExwjotYKF53EJkB5S9a1m5UUsUi7JRvfwIoqhqZ86qpNKjbbIt2B3HXGrX0Hxt9fvLl4cX52cPLHYNZJ5OCwk8jB6Ww4OJq9Hg5Gg5uVSQNfDe6q7SCB5l0NjAWf7rmdN_PNoKugqrwxTRi0Rbld96r6E2yRynRabTdw-Gzbgt6WXVK2dd-cvdPoz2IK6Iq6-EJLN5-Ktc9tuEu0Bx9KU6x70__T997dV2WvMOD_uM_u9kLbXRjXhGpKsBQ7kp8T_DefV0B2cGo2PqxtaJaD2FTlYPIv6L__-t9XWT5yFV8n9q2xqHsDQXqs-JggNea0N6yqNu1qE-KPgsejyOl4WVXLdfh4nt0tnFUeXmUZQh3soobHB8FgsmyX3Zmz_0wOfsTqvj2L5PT26Oy30fvFtlk8Kyf8tShXt227qLd-Ys_V8fXq-u2TdvYiTJ9224-X_Tfs-t8u3K5ZUttvRQjCiCOFFbwssAb7tlmDZZVS3e7P9-Z7aQzIw1Xhrqo6bJDss99rKciYm-_x-V7Eyk9XFs3k1aGy-fuLmON368vXd1yv1vQql4srohievBFnRznl05ubBh_W17LMZTtKq1KomVrhiLW85peI_ZTCk5ye89XhO-ZKcn-Ts_L4ZDaiE3t0PcsZn9I3kR7aJEnOVqflxSF-eXtzyXN88uz52YK55bOrtzk99KP3NYvT6eJ5zpoJzXNGp8f1bxDt7n4xYS6e4tMcHx3yy_N-qoHBJOlzekyekTc5wzMSJ_R-eVnf5_TYJv6cHmvxHo5wQc9pyfTPMzE9ZPTCcVmeuFv8Q1s8UWj3wVpowZX4oS6eRAJiJDUP8A70HHGpgkPeeaRNcJqirqo7fVku3Cgsti3CCykX117KkVp87sXFx8vCC7b42LIjqJqRkIgIRJAgEGi57UtlKV-pt3Xz8pU3L_M09dP4M3M3YHewsipD43ZV97DTw3InanVTJZDI0bYddzLrTJv6v2Ef_gHz4Pjq HTTP 307
    https://t.sidekickopen07.com/s3t/c/5/f18dQhb0S7kF8bWqTfW1jlYPy59hl3kW7_k2841CX6NGW35Qwwr1Fpv7mW7s-thm68S8h1f197v5Y04?te=W3R5hFj4cm2zwW4mKLS-3CbGvSW45Q3Xf3Fbt72W4hMmTF1JxwY5W1LBDN_4cgBkZW3Fd-qp4fQQ_DW4rC3WW43QKpVW4myz_C4cfM1MW1GF5YR4myz_rW1GCt9R3K2B2XW41S2fC3zgYpzW3Kbt5D3K96qGW3T3R3m49HS6QF43Tc57mLcx1&si=8000000019696586&pi=f2bbe795e7c9d50578ec0dcd09aec930 HTTP 307
    https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 24
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/144267/connatix.playspace.js
Request Chain 70
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 77
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1641388912498&ns_c=UTF-8&cv=3.5&c8=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1641388912498&ns_c=UTF-8&cv=3.5&c8=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&c9=
Request Chain 90
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dIndex%26uid%3d HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3Dea5e916b51b048cabf316983e9db96c7%26pname%3DIndex%26uid%3D&s=190549&C=1 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=ea5e916b51b048cabf316983e9db96c7&pname=Index&uid=YdWbcBgovym-M.HPZmH3eQAA%26946
Request Chain 91
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dBeeswax%26uid%3d{userid} HTTP 303
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Dea5e916b51b048cabf316983e9db96c7%26pname%3DBeeswax%26uid%3D%7Buserid%7D&_bee_ppp=1 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=ea5e916b51b048cabf316983e9db96c7&pname=Beeswax&uid=AAFt-E7DqzcAABFrhrnOiw
Request Chain 92
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=1a63fcc3-1a56-4f35-8bf5-da845493f467&ttl=1643980912
Request Chain 93
  • https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dAmobee%26uid%3D%23USER_ID%23 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=ea5e916b51b048cabf316983e9db96c7&pname=Amobee&uid=3747225568690969523
Request Chain 94
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dAppNexus%26uid%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253dea5e916b51b048cabf316983e9db96c7%2526pname%253dAppNexus%2526uid%253d%2524UID HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=ea5e916b51b048cabf316983e9db96c7&pname=AppNexus&uid=6285311477415990070
Request Chain 95
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Request Chain 97
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dCentro%26uid%3d{userId} HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=ea5e916b51b048cabf316983e9db96c7&pname=Centro&uid=no-consent
Request Chain 98
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dSpotX%26uid%3d%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dSpotX%26uid%3d%24SPOTX_USER_ID&__user_check__=1&sync_id=7275e71a-6e2a-11ec-a4f5-1ff67a7c0503 HTTP 302
  • https://cks.connatix.com/cks?pid=10&ev=ea5e916b51b048cabf316983e9db96c7&pname=SpotX&uid=7275e6a9-6e2a-11ec-a4f5-1ff67a7c0503
Request Chain 99
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=ea5e916b51b048cabf316983e9db96c7&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dTelaria%26uid%3d%5bTVUSER_ID%5d HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=ea5e916b51b048cabf316983e9db96c7&pname=Telaria&uid=db205cfb03c046878407cd33e7e645dd
Request Chain 140
  • https://c1.adform.net/serving/cookie/match?party=14&cid=54621527-E2AF-48B3-9A20-16DF7E99F819 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54621527-E2AF-48B3-9A20-16DF7E99F819
Request Chain 141
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YdWbcQADT-oI8wAm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&_test=YdWbcQADT-oI8wAm
Request Chain 142
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGdC1FN0RxemNBQUJGcmhybk9pdw&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFt-E7DqzcAABFrhrnOiw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFt-E7DqzcAABFrhrnOiw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFt-E7DqzcAABFrhrnOiw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5306905266731188593 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFt-E7DqzcAABFrhrnOiw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5306905266731188593%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=5306905266731188593&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFt-E7DqzcAABFrhrnOiw
Request Chain 145
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=72db71b4-6e2a-11ec-b017-01e8582d969d
Request Chain 146
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tzhAVoWfRqRKm_zjxtAwa1x3E0k
Request Chain 147
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:GI2D34ul1N56eJ5&gdpr=0&gdpr_consent=
Request Chain 148
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 149
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7d00d6a9-384d-4a07-aea7-14a7f41eb807
Request Chain 150
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=637414288351
Request Chain 151
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8943010024 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1a63fcc3-1a56-4f35-8bf5-da845493f467 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
Request Chain 152
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ6946753131882517221&uid=Q6946753131882517221&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6946753131882517221
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VGIVJ-KvSLOaIBbffpn4GQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 156
  • https://idsync.rlcdn.com/420486.gif?partner_uid=54621527-E2AF-48B3-9A20-16DF7E99F819 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDU0NjIxNTI3LUUyQUYtNDhCMy05QTIwLTE2REY3RTk5RjgxORAAGg0I8bbWjgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=27139ccf4455b1fdfb57784b963edcd1c4c2e39ffb1684d94c95c6877169994b791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyNzEzOWNjZjQ0NTViMWZkZmI1Nzc4NGI5NjNlZGNkMWM0YzJlMzlmZmIxNjg0ZDk0Yzk1YzY4NzcxNjk5OTRiNzkxNDI2YjU0MTdkY2UyMRAAGgwI8bbWjgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyNzEzOWNjZjQ0NTViMWZkZmI1Nzc4NGI5NjNlZGNkMWM0YzJlMzlmZmIxNjg0ZDk0Yzk1YzY4NzcxNjk5OTRiNzkxNDI2YjU0MTdkY2UyMRAAGgwI8bbWjgYSBAgCEABCAEoA&google_gid=CAESEHP6TwK5n1mPmcKZmw15MbI&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Request Chain 157
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=403961d5-9b71-4f00-9cc6-be00ed2c04ce
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2MjE1MjctRTJBRi00OEIzLTlBMjAtMTZERjdFOTlGODE5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPpCU9fqoqyDenkIGJeIMFM&google_cver=1
Request Chain 160
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
Request Chain 161
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1a63fcc3-1a56-4f35-8bf5-da845493f467
Request Chain 162
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3747225568690969523&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 163
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:050e61d5-9b71-4f00-a1bc-dfd497875439&gdpr=0&gdpr_consent=
Request Chain 164
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54621527-E2AF-48B3-9A20-16DF7E99F819&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54621527-E2AF-48B3-9A20-16DF7E99F819&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_LMFAZpE2uVhSfiJKtQrUQ.SRI0zPUE-~A&gdpr=0&gdpr_consent=
Request Chain 166
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6285311477415990070&gdpr=0&gdpr_consent=
Request Chain 168
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=54621527-E2AF-48B3-9A20-16DF7E99F819&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5682de822b7f1221&is_secure=true&networkId=17100&version=1&nuid=54621527-E2AF-48B3-9A20-16DF7E99F819&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcYwmOs80YQMR8Rs6AAAAAAA&expiration=1641475313&nuid=54621527-E2AF-48B3-9A20-16DF7E99F819&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 169
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=72e5d80a-6e2a-11ec-9c3a-99462fc17f30&gdpr=0&gdpr_consent=
Request Chain 170
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XWPPxVIwnMFGasiVWGaGwl5mnZRGN5rBXzEsAzHu
Request Chain 171
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B332_E93857CB_283A4EF6&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 172
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 173
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a9b2050e-aa70-43f1-96df-c187e79e72a6&user_group=1&ssp=pubmatic&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 174
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8664334389647396867
Request Chain 180
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=FQ5wH3xHNTFmTWgva3VKMXlFK3dCajZreFpjVjQrZXNTeGhLYWliS1VEYjZaZ1JFT3FvS25WQzNKcGtOd1ZDaS92eUR3ZC9FalFtUWRXSWdTU0h5R3ViaW5udVJ3Wm80SGhpSkpoSTVGN1pWTDRLbXBsY1lPRmJHUVpTR1ZlZWlBNGxlalRJRzc4MzZLRmZMNWI4VUxLNE5yZXBUYXVTWmxFbkNlUHFrT0ZsaWVLK3NXYkI0Z0Ixd1RlNG1qdDlSWkVORXFGbWtoZXdYb3ZtK2kxejRMaVZYOXUra3JkSDlMS3B5K0ZlZ3hlUkFWbXpkNmtDOTM0Z3ZlK2xxT20ySTVsTFk1fA&cppv=2
Request Chain 233
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=KY1KKVGS-1-D52Q HTTP 302
  • https://ck.connatix.com/cks?pid=11&uid=KY1KKVGS-1-D52Q HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=KY1KKVGS-1-D52Q&UserId=
Request Chain 236
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTc2YzUxN2E2YjhmYzVkZmZhNjg5M2FkZDVkMjcwMjE3Yzg1MzczYw
Request Chain 237
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=050e61d5-9b71-4f00-a1bc-dfd497875439&expires=28
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG4yY2G6xBKfv0oxXLTFYQ0&google_cver=1
Request Chain 239
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/RPtJtRvt6zO--IMeoARyyw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6402570270040152656
Request Chain 240
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1a63fcc3-1a56-4f35-8bf5-da845493f467&gdpr=0&gdpr_consent=&expires=30
Request Chain 241
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxS0tWR1MtMS1ENTJR
Request Chain 242
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdWbcQADT-oI8wAm
Request Chain 244
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&dcc=t
Request Chain 308
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1D5525D15A044016B14FBC531747C717&ex=simpli.fi&status=ok
Request Chain 315
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMODEfwsb9sgrJwCS0bbUl3uFFeujQMonvHWcZilA
Request Chain 316
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=2f45e45599bd1224&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcecZSxvCFAN-AXXOAAAAAAA&expiration=1641475314&is_secure=true
Request Chain 317
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 318
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=12724134863166359534
Request Chain 330
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 333
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KY1KKVGS-1-D52Q HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KY1KKVGS-1-D52Q&ex=d-rubiconproject.com&status=ok
Request Chain 335
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6285311477415990070&pn_id=an
Request Chain 336
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=yieldmo&bsw_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=yieldmo&bsw_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=23608d05-c93e-4d54-8fa4-f180999fb4d6&expires=3&user_group=1&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 337
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Request Chain 338
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=tzhAVoWfRqRKm_zjxtAwa1x3E0k
Request Chain 339
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=71tFyAgxDfjK&ev=1&pn_id=pp&pid=561118
Request Chain 341
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdWbcBgovym-M.HPZmH3eQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1&google_hm=2
Request Chain 342
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&expiration=1643980915&gdpr=0&gdpr_consent=
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_cver=1
Request Chain 345
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YdWbcBgovym-M.HPZmH3eQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662315408922977
Request Chain 346
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f2c757f6-80f6-43cb-b909-add5e66ce6ea&expiration=1672924915
Request Chain 347
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFt-E7DqzcAABFrhrnOiw&expiration=1642598515
Request Chain 348
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475315
Request Chain 351
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=90&3pid=c24e3fc4-b6b3-4ed0-88ad-28248dda0577&gdpr=0&gdpr_consent=
Request Chain 352
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=KY1KKVGS-1-D52Q&gdpr=0
Request Chain 353
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAFt-E7DqzcAABFrhrnOiw&gdpr=0
Request Chain 354
  • https://ums.acuityplatform.com/tum?umid=27&uid=d090700eca65dcfca356b80d&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=637414288351
Request Chain 355
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=d090700eca65dcfca356b80d&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=YdWbc2m6PAIk021fqRq0gBoa
Request Chain 365
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KY1KKVGS-1-D52Q
Request Chain 366
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&gdpr=0&gdpr_consent=
Request Chain 367
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough/ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHVNFMTK2IZEXQNRVORRUY3SUKRWW22LVJE HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHVNFMTK2IZEXQNRVORRUY3SUKRWW22LVJE HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=ZVMZFIx65tcLnTTmmiuI
Request Chain 368
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=e2cc5e3c-01ae-443c-8ffc-52cb1752ec72
Request Chain 369
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 370
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2xWXzE2eGM HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEQBi99K647vXg-UtqlROe0&google_cver=1
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2xWXzE2eGM HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEQBi99K647vXg-UtqlROe0&google_cver=1
Request Chain 372
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OlV_16xc&gdpr=0 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Request Chain 374
  • https://stags.bluekai.com/site/26357?id=OlV_16xc&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOlV_16xc%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OlV_16xc&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 376
  • https://ps.eyeota.net/match?bid=i0r4o4v&uid=OlV_16xc HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=OlV_16xc
Request Chain 377
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=6285311477415990070
Request Chain 378
  • https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=OlV_16xc HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=OlV_16xc
Request Chain 379
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=54621527-E2AF-48B3-9A20-16DF7E99F819
Request Chain 380
  • https://fei.pro-market.net/engine?mimetype=img&du=88&csync=OlV_16xc HTTP 302
  • https://idsync.rlcdn.com/398696.gif?partner_uid=9009067423290509105
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEC57sg2CXCowD1oiKQx-wGs&google_cver=1
Request Chain 476
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1
Request Chain 477
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdWbcBgovym-M.HPZmH3eQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1&google_hm=2
Request Chain 484
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMz0VYYdlrflTFBjxetq_UM&google_cver=1
Request Chain 485
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4NTMxMTQ3NzQxNTk5MDA3MA%3D%3D
Request Chain 486
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG4yY2G6xBKfv0oxXLTFYQ0&google_cver=1
Request Chain 487
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTc2YzUxN2E2YjhmYzVkZmZhNjg5M2FkZDVkMjcwMjE3Yzg1MzczYw
Request Chain 506
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBUfwKoeXTyuczfLhYoZGdE&google_cver=1
Request Chain 508
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENwqhXZlke0JINgSldkLAbQ&google_cver=1
Request Chain 509
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTU3YzAwZTEtYjExOC00NjljLTk0OGEtNTk3ZTI2NzAwY2Vm
Request Chain 603
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f2c757f6-80f6-43cb-b909-add5e66ce6ea&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=54621527-E2AF-48B3-9A20-16DF7E99F819
Request Chain 604
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=487b72e9-62a0-4f89-82a4-418d3a136cec-tuct8cf20f7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 605
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=ToEixhi6CXGO6ehfeJvVYQ
Request Chain 606
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 608
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
Request Chain 609
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000093F8F2077A
Request Chain 610
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6285311477415990070
Request Chain 611
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:80c83626-daad-40d9-b18c-a4b2cb54ed73&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 631
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJy_pc_uFM1eUVo30OR3hFo&google_cver=1&google_push=AYg5qPLTANXn90XxrABgNl8OFWj6VFFGerR3ZvpcCENOaXjcAI8m5sU6FdgftkMqHvz_X60D4_lfu3EGymAqO1hANDPo1RyVUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPLTANXn90XxrABgNl8OFWj6VFFGerR3ZvpcCENOaXjcAI8m5sU6FdgftkMqHvz_X60D4_lfu3EGymAqO1hANDPo1RyVUQ&google_hm=ikkzK9SaXrmKinvQL-6qCw
Request Chain 632
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKxTdffm_u1klPra1zZKouTEH8tRsAm3mxTEUHwpnb3MztPV4c5KbGgRP57RXTnym6udRFdePd7aIAeJwbCMmPoBHoXpjc&google_gid=CAESENxGOjTjuC4BFVxxyd8gEzE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMDUxMzIxNTIyMjIwMDA4MDc4Njk5MQ%3D%3D&google_push=AYg5qPKxTdffm_u1klPra1zZKouTEH8tRsAm3mxTEUHwpnb3MztPV4c5KbGgRP57RXTnym6udRFdePd7aIAeJwbCMmPoBHoXpjc
Request Chain 633
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPfWJSSFyAmwyoO2isPjn60&google_cver=1&google_push=AYg5qPKU66DrR7r9OkHmLWI0n9geDvImivh0uVcbEMNrGjv_EzYf3Pot9TjBnKIWfyEGpherB9nuOga09ii5eQaEqWLIorVBVz0 HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPfWJSSFyAmwyoO2isPjn60&google_cver=1&google_push=AYg5qPKU66DrR7r9OkHmLWI0n9geDvImivh0uVcbEMNrGjv_EzYf3Pot9TjBnKIWfyEGpherB9nuOga09ii5eQaEqWLIorVBVz0&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU66DrR7r9OkHmLWI0n9geDvImivh0uVcbEMNrGjv_EzYf3Pot9TjBnKIWfyEGpherB9nuOga09ii5eQaEqWLIorVBVz0&google_hm=BDGIHVMsyX0F3-o4DGGBkw==
Request Chain 634
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENYBZ65lj6gUVE4LnB9XsWo&google_cver=1&google_push=AYg5qPJ4B2FotaiidU5VEurUzFkCJ9EbjF_cAhB5Z80OSPz2EA3CDiUot2bagkJsRLZqMq7hRH5OFQRjsFdzMJKgGj9-sSUMuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VGIVJ-KvSLOaIBbffpn4GQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ4B2FotaiidU5VEurUzFkCJ9EbjF_cAhB5Z80OSPz2EA3CDiUot2bagkJsRLZqMq7hRH5OFQRjsFdzMJKgGj9-sSUMuA
Request Chain 635
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHax30DH3nzKA7R8EdpaHus&google_cver=1&google_push=AYg5qPKVRMt_AzAzjWR1U6AROyuP95XtjAel0CavX-ooMQAGndkh3pIMrlHw6FeHwZZ-DqdmFQbPl8JWSOL9rymNr6RPMTxp-MQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxS0tWR1MtMS1ENTJR&google_push=AYg5qPKVRMt_AzAzjWR1U6AROyuP95XtjAel0CavX-ooMQAGndkh3pIMrlHw6FeHwZZ-DqdmFQbPl8JWSOL9rymNr6RPMTxp-MQ
Request Chain 636
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_cver=1&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1
Request Chain 637
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEE1g9ZfmEq9XiX4pSdlXlD8&google_cver=1&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5
Request Chain 659
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 669
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fc.deployads.com%2Fcs%2FADMX%3Fb%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F66%3FA%3Dbad2d675-583e-4f34-8d55-5407c9257c79%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/66?A=bad2d675-583e-4f34-8d55-5407c9257c79&bidder=appnexus&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=6285311477415990070 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F66%253FA%253Dbad2d675-583e-4f34-8d55-5407c9257c79%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%25253D%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F66%3FA%3Dbad2d675-583e-4f34-8d55-5407c9257c79%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253D%253D%26uid%3D54621527-E2AF-48B3-9A20-16DF7E99F819 HTTP 302
  • https://prebid.a-mo.net/cchain/1/66?A=bad2d675-583e-4f34-8d55-5407c9257c79&bidder=pubmatic&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=54621527-E2AF-48B3-9A20-16DF7E99F819 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F66%3FA%3Dbad2d675-583e-4f34-8d55-5407c9257c79%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253D%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/3/66?A=bad2d675-583e-4f34-8d55-5407c9257c79&bidder=sovrn&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ==&uid=d090700eca65dcfca356b80d HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F66%3FA%3Dbad2d675-583e-4f34-8d55-5407c9257c79%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/4/66?A=bad2d675-583e-4f34-8d55-5407c9257c79&bidder=index_rtb&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=YdWbcBgovym-M.HPZmH3eQAA%26946 HTTP 302
  • https://c.deployads.com/cs/ADMX?b=bad2d675-583e-4f34-8d55-5407c9257c79
Request Chain 670
  • https://ups.analytics.yahoo.com/ups/58423/occ HTTP 302
  • https://c.deployads.com/cs/VRZN?b=y-xQEQs1dE2uHNKScFiISndcP6LoY0S5B3egXwtWw-~A
Request Chain 671
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99 HTTP 302
  • https://c.deployads.com/cs/cent?b=no-consent&gdpr=1&gdpr_consent=
Request Chain 672
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d7b7191d-d622-41e5-95b6-2af052de3db6%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Dthemediagrid%2526user_id%253D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&ttd_puid=d7b7191d-d622-41e5-95b6-2af052de3db6%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
Request Chain 673
  • https://secure.adnxs.com/getuid?https://c.deployads.com/cs/XNDR?b=$UID HTTP 302
  • https://c.deployads.com/cs/XNDR?b=6285311477415990070
Request Chain 674
  • https://x.bidswitch.net/sync?ssp=sortable HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&bidswitch_ssp_id=sortable HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=637414288351&expires=30&user_group=1&ssp=sortable HTTP 302
  • https://c.deployads.com/cs/bswt?b=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&i=
Request Chain 684
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1a63fcc3-1a56-4f35-8bf5-da845493f467&dongle=0cfd
Request Chain 685
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=o4LdyAb4p&dongle=u6nf
Request Chain 686
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED-uc94tLQ_eiYwQKacS5Ys&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 687
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI3MjQxMzQ4NjMxNjYzNTk1MzQ%3D
Request Chain 688
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12724134863166359534&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12724134863166359534&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1&_expected_cookie=9ce9f5c7e823416b4e442ee6ca43db30
Request Chain 689
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12724134863166359534?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-YHMsYyNE2oT6LDHvoljWjS6JDBa4liLJlWfYbfcAdQ--~A&dongle=0883
Request Chain 690
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=12724134863166359534&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=28139247-0eff-4704-8ee0-cb3e5e3591f0 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 693
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJLE2WSGJF4DMNLUMNGG4VCUNVWWS5KJ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJLE2WSGJF4DMNLUMNGG4VCUNVWWS5KJ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZVMZFIx65tcLnTTmmiuI
Request Chain 699
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1a63fcc3-1a56-4f35-8bf5-da845493f467&dongle=0cfd
Request Chain 700
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=MfRdyeb4M&dongle=u6nf
Request Chain 701
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED-uc94tLQ_eiYwQKacS5Ys&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 702
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI3MjQxMzQ4NjMxNjYzNTk1MzQ%3D
Request Chain 703
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12724134863166359534&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12724134863166359534&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1&_expected_cookie=c744e516cb6009e7802e472b267fa58f
Request Chain 704
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12724134863166359534?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-YHMsYyNE2oT6LDHvoljWjS6JDBa4liLJlWfYbfcAdQ--~A&dongle=0883
Request Chain 705
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=12724134863166359534&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&ssp=triplelift&gdpr=0&gdpr_consent=
Request Chain 708
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJLE2WSGJF4DMNLUMNGG4VCUNVWWS5KJ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJLE2WSGJF4DMNLUMNGG4VCUNVWWS5KJ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZVMZFIx65tcLnTTmmiuI
Request Chain 719
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Drkt%26refUrl%3D%26vid%3D13889210892843905200759387000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889210892843905200759387000V10&ovsid=970033152809871230
Request Chain 720
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dcon%26refUrl%3D%26vid%3D13889210892843905200759387000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=con&refUrl=&vid=13889210892843905200759387000V10&ovsid=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321
Request Chain 721
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dmma%26refUrl%3D%26vid%3D13889210892843905200759387000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=mma&refUrl=&vid=13889210892843905200759387000V10&ovsid=050e61d5-9b71-4f00-a1bc-dfd497875439
Request Chain 722
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg0MzkwNTIwMDc1OTM4NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEO7uJL7ufU3ctXkagfSuLMY&google_cver=1
Request Chain 723
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13889210892843905200759387000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=dxu&refUrl=&vid=13889210892843905200759387000V10&ovsid=GI2D34ul1N56eJ5
Request Chain 724
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b3997a5-1350-4274-9e08-6401d6d1d77f
Request Chain 725
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3D20a5fbc5-73de-4467-b1a9-6b8c62cfc742%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e5134c6aa1984914bc5ed8c0b8f61662&ssp=medianet&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=0&gdpr_consent=&gdpr_pd=1
Request Chain 726
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dzem%26refUrl%3D%26vid%3D13889210892843905200759387000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2KZGVURSJPA3DK5DDJRXFIVDNNVUXKSJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTGOBYHEZDCMBYHEZDQNBTHEYDKMRQGA3TKOJTHA3TAMBQKYYTAJTWONUWIPJSHA2DGOJQGUZDAMBXGU4TGOBXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2KZGVURSJPA3DK5DDJRXFIVDNNVUXKSJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTGOBYHEZDCMBYHEZDQNBTHEYDKMRQGA3TKOJTHA3TAMBQKYYTAJTWONUWIPJSHA2DGOJQGUZDAMBXGU4TGOBXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZVMZFIx65tcLnTTmmiuI&refUrl=&type=zem&vid=13889210892843905200759387000V10&vsid=2843905200759387000V10
Request Chain 727
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2843905200759387000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2843905200759387000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=26f02966-ffaf-4b08-8d02-568e71150140&cs=1
Request Chain 729
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Request Chain 730
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Damb%26refUrl%3D%26vid%3D13889210892843905200759387000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=amb&refUrl=&vid=13889210892843905200759387000V10&ovsid=3747225568690969523
Request Chain 733
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg0MzkwNTIwMDc1OTM4NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEO7uJL7ufU3ctXkagfSuLMY&google_cver=1
Request Chain 734
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Drkt%26refUrl%3D%26vid%3D13889211482843905200759387000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889211482843905200759387000V10&ovsid=979321822310490180
Request Chain 735
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b3997a5-1350-4274-9e08-6401d6d1d77f
Request Chain 736
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=66152e53-073d-4957-a80b-bcc1df3acdd5&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 737
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2843905200759387000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2843905200759387000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=26f02966-ffaf-4b08-8d02-568e71150140&cs=1
Request Chain 739
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Request Chain 740
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dcon%26refUrl%3D%26vid%3D13889211482843905200759387000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=con&refUrl=&vid=13889211482843905200759387000V10&ovsid=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321
Request Chain 741
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dmma%26refUrl%3D%26vid%3D13889211482843905200759387000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=mma&refUrl=&vid=13889211482843905200759387000V10&ovsid=050e61d5-9b71-4f00-a1bc-dfd497875439
Request Chain 742
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13889211482843905200759387000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=dxu&refUrl=&vid=13889211482843905200759387000V10&ovsid=GI2D34ul1N56eJ5
Request Chain 743
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dzem%26refUrl%3D%26vid%3D13889211482843905200759387000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2KZGVURSJPA3DK5DDJRXFIVDNNVUXKSJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTGOBYHEZDCMJUHAZDQNBTHEYDKMRQGA3TKOJTHA3TAMBQKYYTAJTWONUWIPJSHA2DGOJQGUZDAMBXGU4TGOBXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2KZGVURSJPA3DK5DDJRXFIVDNNVUXKSJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTGOBYHEZDCMJUHAZDQNBTHEYDKMRQGA3TKOJTHA3TAMBQKYYTAJTWONUWIPJSHA2DGOJQGUZDAMBXGU4TGOBXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZVMZFIx65tcLnTTmmiuI&refUrl=&type=zem&vid=13889211482843905200759387000V10&vsid=2843905200759387000V10
Request Chain 744
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Damb%26refUrl%3D%26vid%3D13889211482843905200759387000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=amb&refUrl=&vid=13889211482843905200759387000V10&ovsid=3747225568690969523
Request Chain 750
  • https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
  • https://dmx.districtm.io/s/10056/978477403571465463
Request Chain 751
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
Request Chain 752
  • https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1 HTTP 302
  • https://dmx.districtm.io/s/10027/KQKdcIfLbyHtykh5fBEH?pi=districtm&tc=1
Request Chain 753
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=23HRFQm3Pk1kRlolRXxgQy9zAG4&rurl=//dmx.us-east-32.districtm.io/s/10007/ HTTP 302
  • https://dmx.us-east-32.districtm.io/s/10007/AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321&nuid=23HRFQm3Pk1kRlolRXxgQy9zAG4
Request Chain 754
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=23HRFQm3Pk1kRlolRXxgQy9zAG4 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Ddistrictm%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=districtm&user_id=WUPPXQ8rzB-m1O0k4tcK0 HTTP 302
  • https://dmx.districtm.io/s/10009/20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Request Chain 755
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
  • https://dmx.us-east-31.districtm.io/s/10016/YdWbcQADT-oI8wAm
Request Chain 756
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=23HRFNwZsG4HiDMgLVFD3KLARvz HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Ddistrictm%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=districtm&user_id=_W1jxAXozT2YrnxOrwiV0 HTTP 302
  • https://dmx.districtm.io/s/10009/20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Request Chain 757
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/no-consent
Request Chain 758
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
Request Chain 759
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://dmx.districtm.io/s/10057/y-GE9rzUpE2uEtnkCnxzUKn0umsheCUL1qa1f4xxw-~A
Request Chain 761
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 762
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1641388920935.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 763
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&google_hm=MjBhNWZiYzUtNzNkZS00NDY3LWIxYTktNmI4YzYyY2ZjNzQy HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBjCEV0MIqOAugUWH9nDSao&google_cver=1&ssp=the33across&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Request Chain 764
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1641388920935.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=050e61d5-9b71-4f00-a1bc-dfd497875439
Request Chain 765
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-rfmkxk5E2uFY_jxbD.DvHV7ZPBcjqG.t~A HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-rfmkxk5E2uFY_jxbD.DvHV7ZPBcjqG.t%7EA&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 766
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321&us_privacy= HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AQEI6an492HHXwJRtiigAQEBAQE&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 768
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6285311477415990070
Request Chain 770
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
Request Chain 771
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdWbcQADT-oI8wAm
Request Chain 772
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=DUQFlAIXVpAWTQLECEFMkw5BV8UWEFCQDxZhL4VC
Request Chain 773
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFt-E7DqzcAABFrhrnOiw&expiration=1642598521
Request Chain 774
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8664334389647396867&expiration=1642598521
Request Chain 778
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3747225568690969523
Request Chain 779
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=050e61d5-9b71-4f00-a1bc-dfd497875439
Request Chain 780
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1D5525D15A044016B14FBC531747C717
Request Chain 781
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1643980921
Request Chain 782
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6285311477415990070
Request Chain 784
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=fdcd86aa-bad5-8b7a-7bff0e50
Request Chain 785
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=e2cc5e3c-01ae-443c-8ffc-52cb1752ec72
Request Chain 808
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KY1KKVGS-1-D52Q HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KY1KKVGS-1-D52Q HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KY1KKVGS-1-D52Q&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 842
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=4075b9d3-bb68-4d1f-974a-2ce0b10f4046=&partner_id=3337 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd7b7191d-d622-41e5-95b6-2af052de3db6%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6285311477415990070&pt=d7b7191d-d622-41e5-95b6-2af052de3db6%2C
Request Chain 850
  • https://retargeting.bksn.se/webr?URL=telariaweb&red_exchange=63&teluid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIBU=W021641388922S17673G9319
Request Chain 851
  • https://p.rfihub.com/cm?in=1&pub=7115&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIRF=978477403571465463&r=sfyzNJOdVnzz
Request Chain 853
  • https://tremor-match.dotomi.com/match/bounce/current?networkId=1103&version=1&nuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIDT=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475322&nuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206
Request Chain 854
  • https://sync-tm.everesttech.net/upi/pid/P2n85yff?redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITM%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UITM=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&rid=1a655161f99844eca4a4b1f28b54f206&
Request Chain 855
  • https://ad.turn.com/r/cs?pid=40&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://amobee-partners.tremorhub.com/sync?UITN=3747225568690969523&gdpr=0&gdpr_consent=
Request Chain 856
  • https://i.w55c.net/ping_match.gif?st=TREMOR&rurl=https://partners.tremorhub.com/sync?UIDX=_wfivefivec_&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIDX=GI2D34ul1N56eJ5&rid=1a655161f99844eca4a4b1f28b54f206&
Request Chain 857
  • https://dt.videohub.tv/ssframework/cookieSync.htm?UITR=db205cfb03c046878407cd33e7e645dd&url=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITR%3D%255Buser_id%255D&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Request Chain 858
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=595&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=595&rid=1a655161f99844eca4a4b1f28b54f206&&s_h=1 HTTP 302
  • https://partners.tremorhub.com/sync?UIVO=dd9b43af-f1ad-488c-8608-f9da8c742205&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D596 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=596 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=dd9b43af-f1ad-488c-8608-f9da8c742205&rn=TIMESTAMP
Request Chain 859
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tremor&ttd_tpi=1&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UITD=1a63fcc3-1a56-4f35-8bf5-da845493f467
Request Chain 860
  • https://ib.adnxs.com/getuid?https://partners.tremorhub.com/sync?UIAN=$UID&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIAN=6285311477415990070&rid=1a655161f99844eca4a4b1f28b54f206&
Request Chain 861
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=77&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
Request Chain 862
  • https://x.bidswitch.net/sync?ssp=tremor&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&ssp=tremor&gdpr=&gdpr_consent=
Request Chain 863
  • https://vop.sundaysky.com/sync/tremor-adx/?rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://vop.sundaysky.com/sync/tremor-adx/?rid=1a655161f99844eca4a4b1f28b54f206&&_cvt=t HTTP 302
  • https://partners.tremorhub.com/sync?UISS=d6.4f465466129a4da8a25924fdcf457aa9
Request Chain 865
  • https://sync.mathtag.com/sync/img?mt_exid=59&redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIMM%3D%255Bmm_uuid%255D&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Request Chain 866
  • https://match.adsby.bidtheatre.com/tremormatch?rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIBT=80c83626-daad-40d9-b18c-a4b2cb54ed73
Request Chain 867
  • https://match.prod.bidr.io/cookie-sync/tm?tvuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 303
  • https://partners.tremorhub.com/sync?UIBW=AAFt-E7DqzcAABFrhrnOiw
Request Chain 868
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2064&partner_device_id=db205cfb03c046878407cd33e7e645dd&partner_url=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITA%3D%24%7BTA_DEVICE_ID%7D&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=d7b7191d-d622-41e5-95b6-2af052de3db6&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Dd7b7191d-d622-41e5-95b6-2af052de3db6%252Chttps%253A%252F%252Fpartners.tremorhub.com%252Fsync%253FUITA%253Dd7b7191d-d622-41e5-95b6-2af052de3db6 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=d7b7191d-d622-41e5-95b6-2af052de3db6&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Dd7b7191d-d622-41e5-95b6-2af052de3db6%252Chttps%253A%252F%252Fpartners.tremorhub.com%252Fsync%253FUITA%253Dd7b7191d-d622-41e5-95b6-2af052de3db6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=80022630658207436371020313280275282979&pt=d7b7191d-d622-41e5-95b6-2af052de3db6%2Chttps%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITA%3Dd7b7191d-d622-41e5-95b6-2af052de3db6 HTTP 302
  • https://partners.tremorhub.com/sync?UITA=d7b7191d-d622-41e5-95b6-2af052de3db6
Request Chain 869
  • https://cm.adgrx.com/bridge?AG_PID=tremor&AG_SETCOOKIE&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIAG=72db71b4-6e2a-11ec-b017-01e8582d969d
Request Chain 870
  • https://bh.contextweb.com/bh/rtset?pid=560711&ev=1&rurl=https://partners.tremorhub.com/sync?UIPP=%25%25VGUID%25%25&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIPP=71tFyAgxDfjK&ev=1&pid=560711&rid=1a655161f99844eca4a4b1f28b54f206
Request Chain 871
  • https://pr-bh.ybp.yahoo.com/sync/tremor/db205cfb03c046878407cd33e7e645dd?rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://brightroll-partners.tremorhub.com/sync?UIBL=y-obDuyNdE2oQMLeLk2WJBjGlza8tlvekNhxU0~A
Request Chain 872
  • https://sync.bfmio.com/syncb?pid=128&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Request Chain 873
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185449&cb=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIIE%3D__UID__&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIIE=YdWbcBgovym-M.HPZmH3eQAA%26946
Request Chain 874
  • https://sync.1rx.io/usersync2/tremor?rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005&rndcb=4537854866 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3D20a5fbc5-73de-4467-b1a9-6b8c62cfc742%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e5134c6aa1984914bc5ed8c0b8f61662&ssp=adconductor&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/20a5fbc5-73de-4467-b1a9-6b8c62cfc742?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005?redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIRO%3DRX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005 HTTP 302
  • https://partners.tremorhub.com/sync?UIRO=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
Request Chain 875
  • https://c1.adform.net/serving/cookie/match?party=1255&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIAF=8664334389647396867
Request Chain 878
  • https://cookie.brealtime.com/getuid?https://partners.tremorhub.com/sync?UIEM=$UID&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://secure.adnxs.com/getuid?https://partners.tremorhub.com/sync?UIEM=$UID&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIEM=6285311477415990070&rid=1a655161f99844eca4a4b1f28b54f206&
Request Chain 879
  • https://a.tribalfusion.com/i.match?p=b29&u=db205cfb03c046878407cd33e7e645dd&redirect=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIEX%3D%24TF_USER_ID_ENC%24&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIEX=18072662315408922977
Request Chain 880
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://partners.tremorhub.com/sync?UIAL=%24%7BADELPHIC_CUID%7D&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIAL=72e5d80a-6e2a-11ec-9c3a-99462fc17f30&rid=1a655161f99844eca4a4b1f28b54f206&
Request Chain 882
  • https://um.simpli.fi/telaria?rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UISF=1D5525D15A044016B14FBC531747C717
Request Chain 883
  • https://cms.quantserve.com/pixel/p-twkF4WP-Na6M_.gif?idmatch=0&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?gdpr=0&UIQC=EI4Ekx_dV5cLhwPDFYtNlBOLVsIL2lGXEtzve1tT
Request Chain 884
  • https://telaria.adhaven.com/bid-engine/cs/b0220446f5947deaf1c7123bf551084d/v1?rd=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUI4N%3D%24UID&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UI4N=4c_e5406964-a297-4d08-8e2c-c994aab88b46
Request Chain 886
  • https://nep.advangelists.com/xp/user-sync?acctid=203&redirect=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIAD%3D&7BPARTNER_VISITOR_ID%7D&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIAD=
Request Chain 887
  • https://ad.mrtnsvr.com/sync/telaria?teluid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=MfRdyeb4M?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=MfRdyeb4M&partner_url=https://partners.tremorhub.com/sync?UIAI=MfRdyeb4M HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=MfRdyeb4M&partner_url=https://partners.tremorhub.com/sync?UIAI=MfRdyeb4M HTTP 302
  • https://partners.tremorhub.com/sync?UIAI=MfRdyeb4M
Request Chain 888
  • https://sync.extend.tv/telaria?rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIZM=7e6e6167-37c2-40ae-a7d9-d64edf2b6875
Request Chain 889
  • https://ums.acuityplatform.com/tum?tpid=314&uid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://partners.tremorhub.com/sync?UIAA=637414288351
Request Chain 890
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MnlCYy13UEFSb2VFQjgwejUtWkYzUT09&google_cm&rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEHkyzJ9zFxrNr1kYOAFVjOI&rid=1a655161f99844eca4a4b1f28b54f206&google_cver=1
Request Chain 893
  • https://dpm.demdex.net/ibs:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd?rid=1a655161f99844eca4a4b1f28b54f206& HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd
Request Chain 912
  • https://connatix-d.openx.net/v/1.0/av?auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&cb=e21167e6-069a-4997-bfec-bd416e7108a9&vwd=834&vht=469&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjcwOGQxZWItMzNkZC0yZWY3LWY2NGItZmMzNjE1OWE3NTQ5&gdpr=0&gdpr_consent=undefined
Request Chain 913
  • https://connatix-d.openx.net/v/1.0/av?auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&cb=e21167e6-069a-4997-bfec-bd416e7108a9&vwd=834&vht=469&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&cb=e21167e6-069a-4997-bfec-bd416e7108a9&vwd=834&vht=469&gdpr=0&gdpr_consent=undefined&us_privacy=
Request Chain 934
  • https://tr.blismedia.com/v1/api/sync/telaria?rid=123f60a4cef0454396952f36fd687595& HTTP 307
  • https://partners.tremorhub.com/sync?UIBM=61D59B7A8607CC6CD10D7DE8BLIS
Request Chain 936
  • https://dt.videohub.tv/ssframework/cookieSync.htm?UITR=db205cfb03c046878407cd33e7e645dd&url=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITR%3D%255Buser_id%255D&rid=123f60a4cef0454396952f36fd687595& HTTP 302
  • https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Request Chain 937
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=77&rid=123f60a4cef0454396952f36fd687595& HTTP 302
  • https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
Request Chain 938
  • https://x.bidswitch.net/sync?ssp=tremor&rid=123f60a4cef0454396952f36fd687595& HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=tremor&ssp_uuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=tremor&user_id=28139247-0eff-4704-8ee0-cb3e5e3591f0 HTTP 302
  • https://partners.tremorhub.com/sync?UIBS=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Request Chain 940
  • https://sync.mathtag.com/sync/img?mt_exid=59&redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIMM%3D%255Bmm_uuid%255D&rid=123f60a4cef0454396952f36fd687595& HTTP 302
  • https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Request Chain 941
  • https://sync.bfmio.com/syncb?pid=128&rid=123f60a4cef0454396952f36fd687595& HTTP 302
  • https://x.bidswitch.net/sync?ssp=beachfront&user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467 HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=beachfront&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=beachfront&gdpr=0&user_id=xTkXxspqRMLeMBCWwDxewcY8RZfebULCx2tgqyZK HTTP 302
  • https://sync.bfmio.com/sync?pid=103&uid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&dsp_id=&dsp_uuid=&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 945
  • https://nep.advangelists.com/xp/user-sync?acctid=203&redirect=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIAD%3D&7BPARTNER_VISITOR_ID%7D&rid=123f60a4cef0454396952f36fd687595& HTTP 302
  • https://partners.tremorhub.com/sync?UIAD=
Request Chain 970
  • https://dt.videohub.tv/ssframework/cookieSync.htm?UITR=db205cfb03c046878407cd33e7e645dd&url=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITR%3D%255Buser_id%255D&rid=02c140816319400899eda2f54eff8e90& HTTP 302
  • https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Request Chain 971
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=77&rid=02c140816319400899eda2f54eff8e90& HTTP 302
  • https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
Request Chain 973
  • https://sync.mathtag.com/sync/img?mt_exid=59&redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIMM%3D%255Bmm_uuid%255D&rid=02c140816319400899eda2f54eff8e90& HTTP 302
  • https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Request Chain 974
  • https://sync.bfmio.com/syncb?pid=128&rid=02c140816319400899eda2f54eff8e90& HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D147%26uid%3D%24%7Bssky_uuid%7D HTTP 302
  • https://sync.bfmio.com/sync?pid=147&uid=d6.4f465466129a4da8a25924fdcf457aa9
Request Chain 978
  • https://nep.advangelists.com/xp/user-sync?acctid=203&redirect=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIAD%3D&7BPARTNER_VISITOR_ID%7D&rid=02c140816319400899eda2f54eff8e90& HTTP 302
  • https://partners.tremorhub.com/sync?UIAD=
Request Chain 1024
  • https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388933121&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=%5Bscpid%5D&hp=%5Bhp%5D&eov=eov&pi.width=640&pi.height=480&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=469&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=834 HTTP 302
  • https://ads-ec.v.ssp.yahoo.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388933121&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=%5Bscpid%5D&hp=%5Bhp%5D&eov=eov&pi.width=640&pi.height=480&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=469&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=834&a.y_rid=fe24ddfb-1759-42dd-a026-eba63787f4a4&a.is_yahoo=3&redirect_y=dHM9MTY0MTM4ODkzMzc1MS42Mjg0MTg6dXVpZD0iMjUzMzgxMDg3MTc0NTM0MjY5OV9fVElNRV9fMjAyMi0wMS0wNSswNSUzQTIyJTNBMDgiOmFwaWQ9VkE3YjZlMzJjNy02ZTJhLTExZWMtOGFmMi0wZWZkZDFhOGRlYjM6cmVxdWVzdF9pZD1mZTI0ZGRmYi0xNzU5LTQyZGQtYTAyNi1lYmE2Mzc4N2Y0YTQ=

1035 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Redirect Chain
  • https://protect-us.mimecast.com/s/1YYgC5ywE5FMBrAkHOso1G?domain=t.sidekickopen07.com
  • https://protect-us.mimecast.com/redirect/eNqtltly28YShl-FhYvchKRmX1THJ5ZpS4m12BSVwHKYYs1KwiIIGBhqS_kuT3IeLU-SBmjHlq2qc2NekJjpnp6eb7p_8M-scXXK9rPWVSmNY7VN7dPV1habFJqNSUW1Meuxq8psmK0rl-2jYdYEF4o6paIM...
  • https://t.sidekickopen07.com/s3t/c/5/f18dQhb0S7kF8bWqTfW1jlYPy59hl3kW7_k2841CX6NGW35Qwwr1Fpv7mW7s-thm68S8h1f197v5Y04?te=W3R5hFj4cm2zwW4mKLS-3CbGvSW45Q3Xf3Fbt72W4hMmTF1JxwY5W1LBDN_4cgBkZW3Fd-qp4fQQ_...
  • https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
72 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ec42d2a26bbcf5af95ddff13ec24f52b1a566015445fb1dff12cbc97ea7168
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-type
text/html; charset=UTF-8
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
last-modified
Tue, 07 Sep 2021 17:16:43 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8d0316ad938d5a-ATL
content-encoding
br

Redirect headers

date
Wed, 05 Jan 2022 13:21:51 GMT
location
https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
x-robots-tag
none
link
<https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/>; rel="canonical"
referrer-policy
no-referrer
x-hubspot-correlation-id
ab5f2f1e-6d5d-43d5-9040-499b17ff4e79
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8d0315be9be5bf-ATL
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 12:05:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 05 Jan 2022 13:21:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jan 2022 13:21:51 GMT
bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5176
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"624975547"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1BsPmSZE0uKX5Uhv38k0Px2ikDx%2BauQXv24%2BAmCA%2BpNGp00WvWmwbi%2FSyfJUps7kaC2Yab%2FblO468XOGWTlr8UK6ZTpXlqmYURtUcJlKeBeGr33NbWUl1Fn%2FuDPJ32JJnjHzZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6c8d031a09458d85-ATL
expires
Tue, 05 Oct 2021 00:35:30 GMT
main.css
www.bleepstatic.com/css/redesign/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b37f3d8aa5e1f298bf71477c945f576745020ce44f048ec67e19a93cd285372

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1163964
cf-polished
origSize=62676
last-modified
Tue, 27 Apr 2021 20:09:53 GMT
server
cloudflare
etag
W/"2761713618"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1%2BVhGsu4ktBjPARqn6Gk3pBqGKU%2B%2F8b%2F7gzgK1pwoPnMKg%2FXGecb4Cwge3MkUz%2F%2BO6Tmffll7qFivDeP7McPmNCtaZ3Cox%2BRZ%2BKcOlTUtsBpH609EL3dZBRUk3WgZ2HbpZSXpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 27 Jan 2022 02:02:27 GMT
cache-control
max-age=3024000
cf-ray
6c8d031a09468d85-ATL
cf-bgj
minify
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166
cf-polished
origSize=15024
last-modified
Sat, 21 Nov 2020 17:53:40 GMT
server
cloudflare
etag
W/"2807382579"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnT3d%2BiaN1UUhD8I5nTAHkBQ1g56PGWEeFSR5JC%2FSL35A47iei9LE9bycpTXtRYCDwXDUHnWUmJQ6X5%2BWQ8MZtI%2FDlrwHURQgGFLBtjTDp7T36DLWjtMJqI4rE5ZNWp7nqFNeDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 16 Sep 2021 06:03:12 GMT
cache-control
max-age=3024000
cf-ray
6c8d031a09488d85-ATL
cf-bgj
minify
news.css
www.bleepstatic.com/css/redesign/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4901b094a91ea6d5aba73774bb9803fdca22599cfca597ef81249225b5ed01b4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1163964
cf-polished
origSize=33102
last-modified
Tue, 24 Aug 2021 22:50:05 GMT
server
cloudflare
etag
W/"57477024"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx6AbhsgqoCvKhuDSHFRNJWZfXDQiL09Sn51UVh%2BuMbzEiJzktN4NDyTszftGmPXA%2FpgWOxHKYLVRruLsk6CcF4b2viOAAFVMJCjIPEVoqOkTE6SEWTmfT1kdIV83ewnSIYBCcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 27 Jan 2022 02:02:27 GMT
cache-control
max-age=3024000
cf-ray
6c8d031a09498d85-ATL
cf-bgj
minify
jquery-3.5.1.min.js
www.bleepstatic.com/js/redesign/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
407
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
cloudflare
etag
W/"1177690299"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nD7jBSPRwt0vfNKdOKDt818etFxYGbqzi9r2w0JyAWdGln3mrpMxeNE6nQymAbyDoEwxj6trVdoQa3IyJ3y1lkzv7R0hEXGDWp%2F0y0iLUZpG%2BOqWY4eNP990weTgldIB5BLrAKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6c8d031a094a8d85-ATL
expires
Thu, 16 Sep 2021 06:03:12 GMT
jquery-migrate-1.4.1.min.js
www.bleepstatic.com/js/redesign/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
407
last-modified
Fri, 20 May 2016 01:26:30 GMT
server
cloudflare
etag
W/"2177127834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiA0xirMgPlVM5ENx3749t2G7A6gyCF8WLi%2BCQtxOJI8kN8b7L84Uoacu6d7P1s8B45umvNqfCb9%2F8TibO79IcBubZQwizeMt5zhosOAaQsaAatL5JY48di4Rie24h5X9j2NhsM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6c8d031a094b8d85-ATL
expires
Mon, 04 Oct 2021 20:07:11 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1163964
cf-polished
origSize=247
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BSmdzVri2hEOGa6PMHmLVzMz92cAFqdrQadfXUnuUYi10QD%2Bz1n6IVJGLibBCi8CpISGUneNHQVXnA6AQWh7pYVYR5iQ5ZIkrwrGMWQTbndM2RvRr72qnao%2FtdT8tyV%2FREB5z4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Thu, 27 Jan 2022 02:02:26 GMT
cache-control
max-age=3024000
cf-ray
6c8d031aeaab8d85-ATL
cf-bgj
minify
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3188
x-guploader-uploadid
ADPycdvGxa0CpmkLM7_LoNFZvn11mBJtY5pq0kBrpHubiV0MxjjxsPuQDDUfT7q1YuM_ps2UCMO6KppLsUWe0x4MOSNynwh0Hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/css
last-modified
Tue, 11 May 2021 20:31:48 GMT
server
cloudflare
etag
W/"2ad42c99ece77b46e5a42a85207a3750"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcxlNoML0DWDh8fDgo7gqMt5ruC0GVxM4Yp6HkxoaYDtQjiD9RARHjnrDAHV%2F5NTNRE3s6UmAZE6nOGx03wV%2Fld0E1IEMPOtDaLVybA51Uy3ydLBJmBM5TPW8yx4J5TLfjt%2BFgmzim%2Bf1zs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620765108454625
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1752
cf-ray
6c8d031a09b68d7f-ATL
expires
Wed, 05 Jan 2022 13:12:30 GMT
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6acfb1a3acb8b98e34ef20506a28b3555b66a2e1d015aff51df475886ea5696

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=BzUlGg==, md5=g+w49DO2JUlgqm/GY90NGQ==
date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
505058
x-guploader-uploadid
ADPycdv9YkutLqxEu6ThSQVTqImKuYzhHKY1ngPAXFumlzMEk5HzkiSUSQi5hP9K63OvgYyoeA0kgw_hk1--jMFZMzU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 30 Dec 2021 17:04:11 GMT
server
cloudflare
etag
W/"83ec38f433b6254960aa6fc663dd0d19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ms2o5issTj7QgQwLw2V796qCrUVM5E%2BvHiZqztfbyIFleghaO78OS2lCcEmsGlHXwJemr1BbeIxaV%2FWEu18aXDCf6nB2NgUJy4d7rS1wx%2F%2FqXMHLPQdOaULf0j%2FpyLuZqg0XKQOrgLvKtd4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1640883851137196
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
120881
cf-ray
6c8d031aeada8d7f-ATL
expires
Thu, 30 Dec 2021 17:05:13 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa7bc8f68da861888a83c088b618f1e8b508ed612278f3963d05372d99b2a9c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36162
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jan 2022 13:21:51 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1159550
cf-polished
origFmt=png, origSize=1882
content-disposition
inline; filename="logo.webp"
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KL4puLW4O%2FLQdJslcKcRBp23KSHjGiLcQiTJQ4t508LTj12lqq6iQTTB69jtUf82uKWEvIE2ejcCvzdh0YxnbiLLDAFfVaLx9XZeytZRixSyDYt2YcF1O3KB52UJufzDb3bAUP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 03:16:00 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031aeab18d85-ATL
cf-bgj
imgq:85,h2pri
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 05 Jan 2022 15:31:48 GMT

Redirect headers

date
Wed, 05 Jan 2022 12:54:51 GMT
x-content-type-options
nosniff
server
sffe
age
1620
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Wed, 05 Jan 2022 13:24:51 GMT
Synology__headpic.jpg
www.bleepstatic.com/content/hl-images/2021/08/09/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2021/08/09/Synology__headpic.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e89beedb33e91aeeee6bb0231ae24da72ead91cb7f9e226ec219c80160d069

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60282
cf-polished
qual=85, origFmt=jpeg, origSize=215046
content-disposition
inline; filename="Synology__headpic.webp"
content-length
18856
last-modified
Mon, 09 Aug 2021 13:09:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8HlmRwcDLNwM5YMKaQjoYv8R3Iv0faBAWKXK%2F5oLJf1evDmCpBCINfzHMG4aLt6QZxVUR9p09K2fmg23QaHCp03BBHJTwC8ZYiSOk5OdoPNmt8%2Fn%2Fv8RZWYk%2B1YlsGJ7pXarCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 03 Feb 2022 20:37:08 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031aeab38d85-ATL
cf-bgj
imgq:85,h2pri
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be90bf543540af2b683946e4d211e9842fc7f4312b3b8929198ff664e4257cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51966
x-xss-protection
0
server
cafe
etag
3063824153281379607
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Jan 2022 13:21:51 GMT
Bleeping_Computer_CIR_Nov_2021-opt.gif
www.bleepstatic.com/images/comp/flashpoint/ 		367 KB
368 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/comp/flashpoint/Bleeping_Computer_CIR_Nov_2021-opt.gif
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cdce68d55ff0acea805c6354fafdddf6cafc1b111a9ece1f891acf3e5a5dc6d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1163963
cf-polished
status=not_needed
content-length
375851
last-modified
Tue, 02 Nov 2021 18:47:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tT634gKtn64RnlIY41eBmsRkvS1uJShjpsjfTncDuJ9lsNM0DMF1HPU1os8fhlxLmIUV7TnpitKljpmto0Ejv3W516%2FOHnj06dZJfaC0diBaVTiUQlNAHHtxCX1zINB7NmD6xrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:02:28 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031aeab48d85-ATL
cf-bgj
imgq:85,h2pri
twitter.png
www.bleepstatic.com/images/site/login/ 		282 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162889
cf-polished
origFmt=png, origSize=475
content-disposition
inline; filename="twitter.webp"
content-length
282
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUlvTatsIh2q7NIIOER39bsBm7tRJgQozsH1qQuV4avhQ1u6PHWhj%2FxOsxFrltBIS4zvmxntRDpJEQlnDFOPzG6ZpZdecK5kTlluhvbq%2F0dLGKRjyBVmh35V%2BQW%2FggAiVDYPXXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:22 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031aeab58d85-ATL
cf-bgj
imgq:85,h2pri
bootstrap.js
www.bleepstatic.com/js/redesign/bootstrap/js/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6906
cf-polished
origSize=75484
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"984724076"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZkpwvem2y2P1H%2FuD1TsW0lJZ7U3vqcBV9qzrJn3W4F69elLb04m6OBpZROmVl2qNQtKh5v2gd2eXq3i2axUCSKB6DlfbbaAGx97Mxyhe83r470U77jWPuIHMEuY6UPHcK7Zn7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Mon, 20 Sep 2021 02:00:01 GMT
cache-control
max-age=3024000
cf-ray
6c8d031aeab68d85-ATL
cf-bgj
minify
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1163964
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDX6acFvi70BqDDlKuYiNWr3YaoU38Z9GeYZkRdf8pTLJ927%2FuOIq6FszVDMfYxMwQNRTsCnrBulXxiEPwT%2FI%2Bo0duMCDr%2FOK0LIaW65ZwPGleAwY%2BA1k9WJtmnWivEr8V1UEDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6c8d031aaa5d8d85-ATL
expires
Thu, 27 Jan 2022 02:02:27 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1163964
cf-polished
origSize=3600
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUWg974VFqX42qjWnU6HXEeqJib9%2FiniRPh1OFBiXyV%2FTKcDZ2wQ5xyEH%2Ba200coueHBCBhTBGejIwwrXr1DL42vD8qCCboac4YvU3da8vzj8ug%2BIfi0ajtx0r4ZHCz5ALvS2xs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Thu, 27 Jan 2022 02:02:27 GMT
cache-control
max-age=3024000
cf-ray
6c8d031aeab78d85-ATL
cf-bgj
minify
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5245
cf-polished
origSize=48706
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsjVtK3o8ounJhmy6qmqRUb%2BsRJN1oRXm4qSJydAkFQ3ryqJeJW3vi6ro781Ul3s5YWDECowAhPb3bYX1yLAxRC%2BdDZGYrySMn66PM%2Fw%2BK%2B5NOVyiCLful%2FpDcyyI6QX%2F237IvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Thu, 27 May 2021 22:38:24 GMT
cache-control
max-age=3024000
cf-ray
6c8d031aeab88d85-ATL
cf-bgj
minify
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
551
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUat7yxU9P207G7YYgnPyiWNvtPlGEDZweZZiVAn23h8YQIWN94lP%2BFgatwZR%2BK77U2hdAR27DN%2FM93m32BoIonzW4a1Xb5JBVqstXLvz7%2FU6gmWjipOscXc2ufNgQKNrtHmP1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6c8d031aaa618d85-ATL
expires
Thu, 27 May 2021 22:38:23 GMT
addthis_widget.js
s9.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
x-check-cacheable
YES
cache-control
public, max-age=600
date
Wed, 05 Jan 2022 13:21:51 GMT
x-host
s9.addthis.com
content-length
116325
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6c8d031b3eee1064-ATL
connatix.playspace.js
cds.connatix.com/p/144267/ Frame 657E
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/144267/connatix.playspace.js
1 MB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/144267/connatix.playspace.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b9066f4646798c780d999196a760b1aea321f36fe47e904cabfca546205b309

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
last-modified
Wed, 05 Jan 2022 10:25:05 GMT
age
10350
etag
"d191c63a331a24f2c83c3ba0dd1ca09e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
250934

Redirect headers

location
https://cds.connatix.com/p/144267/connatix.playspace.js
date
Wed, 05 Jan 2022 13:21:51 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
server
Kestrel
accept-ranges
bytes
content-length
0
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-8.ewr53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:47:01 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 03:06:43 GMT
server
nginx/1.18.0
age
2090
etag
W/"61d50b43-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
hlMC6AKhkfjcuTfIlvHc4UgmDnaTDXkOQZVEf-FDfYGVv8tmmQ7X5Q==
via
1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
expires
Wed, 05 Jan 2022 13:47:01 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-111.ewr50.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
01b9db5a9550725b5c2d4203e490ad3bb33cbda463626764e58725a188f3d30b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:47:01 GMT
content-encoding
br
age
2090
x-powered-by
PHP/7.3.23
x-cache
Hit from cloudfront
x-xss-protection
0
access-control-allow-origin
*
last-modified
Wed, 05 Jan 2022 12:47:01 UTC
server
nginx/1.18.0
etag
W/"3739c3967315c1b7fa761e452dab1a9a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ce0d380336eb1f624e574285078b47f6.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
GBFvmpUbCaIHxMEwg1-RbK_ryait8gbmJ7BfjmFHzUogAroBEP3YHA==
expires
Wed, 05 Jan 2022 13:47:01 GMT
login_bg.png
www.bleepstatic.com/images/site/ 		126 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162888
cf-polished
origFmt=png, origSize=187
content-disposition
inline; filename="login_bg.webp"
content-length
126
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZjZYQAs7ZtsrWmLW3yv%2F39e6vbPbjcjcWjxhiYmtTnsBGiLwxxLhYEZCWzXiA7Kn5U%2BzNgqOfFT9IA1RjRkK9kDHXEaUGuVdPyJNbHGYVnIMxlhbHDugmxAfFqVrzHMYJMwX5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:23 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031aeab98d85-ATL
cf-bgj
imgq:85,h2pri
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 16:23:56 GMT
x-content-type-options
nosniff
age
75475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 16:23:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 01:28:42 GMT
x-content-type-options
nosniff
age
474789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 01:28:42 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
nav_bg.png
www.bleepstatic.com/images/site/ 		72 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162888
cf-polished
origFmt=png, origSize=83
content-disposition
inline; filename="nav_bg.webp"
content-length
72
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B99n4AczoWe34pd%2Bc%2F4Q4g8H%2B1jHe2P0H5qLlx2%2Bf2%2FAgCSlcRZBAyCFr%2B8anVx6yMTawaAJkM4hCQRX9CNc1TjLtY1RsEAiBESE0QeB1McBR0y0eRlxz9%2FJXZw4P%2BUGFvOtiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:23 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0af28d85-ATL
cf-bgj
imgq:85,h2pri
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1159549
cf-polished
origFmt=png, origSize=824
content-disposition
inline; filename="20x20-printer.webp"
content-length
422
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV8Z2POmTEm4rsDLXQxDi7cUA5xJt4a3kQu%2BXEPrsh0JDP5o9s6J05FLkxbmg4plQdu1Q3fk6%2B3b2zJ14StJoV2j1CXfOD3oKBm4aI73zwzcO9ApbdSg093W4%2BKoMJNW2JP%2Fq%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 03:16:01 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0af58d85-ATL
cf-bgj
imgq:85,h2pri
calendar.png
www.bleepstatic.com/images/site/ 		86 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162888
cf-polished
origFmt=png, origSize=129
content-disposition
inline; filename="calendar.webp"
content-length
86
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSmcEJHSoPz6ragIpXJ5I5i1jbqpx2GS9yapCAjJUZfS%2Bu50%2Fjn3of0IxQUNY1IGhfsoDXy5YNJIz3Go2ewGRdbPKEcogwn98qBwD6Vwc60LKJfZIuGVfgYlPT4FZkEUT%2BgpFBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:23 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0af88d85-ATL
cf-bgj
imgq:85,h2pri
clock.png
www.bleepstatic.com/images/site/ 		252 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162888
cf-polished
origFmt=png, origSize=1316
content-disposition
inline; filename="clock.webp"
content-length
252
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOu92qyFKPIZTXz1WzPHxNVgci5QUpXl77p2dO84rUur4Ma0PNuDAezYSmSDenxTt0hdm4O%2B7J9EC70yqwTh3iZ9xtVZX1oTzDpegAw61Q%2B3Ft%2Bc3KayBT3bhL8fnu3lQH5%2F5E4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:23 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0af98d85-ATL
cf-bgj
imgq:85,h2pri
comment-light.png
www.bleepstatic.com/images/site/ 		94 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162867
cf-polished
origFmt=png, origSize=1034
content-disposition
inline; filename="comment-light.webp"
content-length
94
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln1cPxCv2sPOzMVI1Ma7yHBZl8WXhNSbL%2F7OZ5tRmpKjf2qxa6ZiMtNgSUQJiTGkvaahBtzFgt2fGbqqEBHU4X2808e9iL0o1yLtbjtLwhCZy87qQSL%2FmLhkARo%2FLBqFffpJPOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:44 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0afb8d85-ATL
cf-bgj
imgq:85,h2pri
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162867
cf-polished
origFmt=png, origSize=618
content-disposition
inline; filename="32x32-printer.webp"
content-length
256
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSsj8ZN96dz0Ti08GI3v5F0p6YW8dzXWfb8pQMqssfEq6c8%2BDEyP%2FHExEI0fs7jtIP2j1UKlSrNKqJ%2Ft0iIkZnL%2F5mH4QEcBwwLF%2FoZ682cmhWtZGSotGGogQFDcjggjPktXPl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:44 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0afd8d85-ATL
cf-bgj
imgq:85,h2pri
71f54ec34151fbdfe89e478d7b6e5ddf.jpg
www.bleepstatic.com/author/photos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/71f54ec34151fbdfe89e478d7b6e5ddf.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99887c8a3e382dd055b9504a2141c52fd90fa929ebf16f39ba8526a2c7110362

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1163962
cf-polished
degrade=85, origSize=6170, status=webp_bigger
content-length
5955
last-modified
Wed, 02 Jan 2019 02:04:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTCeSXXDAHuC7adCy5S7dezdGHijNb8utsnG5Yfk8VCgEDxDFBPTj04d%2BKYPBenDT0hvj0JSmO4VCddvYjECy6wK6MHVXxuNs52Zpov6PFqw%2BkjRm%2BZDauNQmRxTYfusCinRhls%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:02:28 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0b018d85-ATL
cf-bgj
imgq:85,h2pri
h4-bg.png
www.bleepstatic.com/images/site/ 		38 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162888
cf-polished
origFmt=png, origSize=72
content-disposition
inline; filename="h4-bg.webp"
content-length
38
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18km8unyT69XyldJBoXpQqOBGXCK1cVCHNOVt3%2FVI6UVgbTvWu7FzK%2BG2cCXRokTuaq97mDEGL0inI3qA9R3H2fZbKo6woSQ8xoTAfHvzIvY8NA88TTyqBJkfwt5KeMxsrd32iw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:23 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0b048d85-ATL
cf-bgj
imgq:85,h2pri
news_email_icon.png
www.bleepstatic.com/images/site/ 		126 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/home.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1163962
cf-polished
origFmt=png, origSize=1105
content-disposition
inline; filename="news_email_icon.webp"
content-length
126
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoQt7rDlKJn9n46HOzo%2FrZbpXskFmPvgqR3Qg74IFU1pjWaHMCMbYwETwtjTXQMhviEPveELaH2UkVdefS%2BY3k7icPXS4DIpWMMtb6qkp7aQK%2FmnFkoCzfpV5hz1iyqvEdTqE9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:02:29 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0b068d85-ATL
cf-bgj
imgq:85,h2pri
news_footer_icon.png
www.bleepstatic.com/images/site/ 		110 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162888
cf-polished
origFmt=png, origSize=186
content-disposition
inline; filename="news_footer_icon.webp"
content-length
110
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FwcDFHEx3fCZCkXACsE0bLBz8OrUz6Mq7NZ6kUsaGiYSt2qrPh%2BErv78JNOtemnrFNZdr7TJv%2B4jzz%2BQbeTZ3JXEKEL6qk8Wt4G%2FuHBFelHCNZuBrH4Y2GdUpWALl41rd%2BWKzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 02:20:23 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031b0b078d85-ATL
cf-bgj
imgq:85,h2pri
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 04:56:13 GMT
x-content-type-options
nosniff
age
30338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 04:56:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 00:09:49 GMT
x-content-type-options
nosniff
age
306722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 02 Jan 2023 00:09:49 GMT
init
d.pub.network/v2/ 		63 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=535&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
6222140896142b59b5f2b19a202ad0dd10a2226d571a589f1b0c6800a790b448

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3263
cf-polished
origSize=4895
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kibItU1q9FhgAEda2pAGaJ6TCMQv9RIuYnDPJCF5BBZva55PzGNqubYiM05%2BoOzXfYCTHqT40FdyexrIcEiGrYnqffEsJqzS7g%2FTcK4ajqUq3AGtZjlGRZjepku9CaiTTnOuHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 27 May 2021 22:38:25 GMT
cache-control
max-age=3024000
cf-ray
6c8d031bfc598d85-ATL
cf-bgj
minify
font-awesome.css
www.bleepstatic.com/css/redesign/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31
cf-polished
origSize=26776
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BB29o55IVGserNJg13KH7kIoB3lymVQ6GbFO9Eq3GRr3%2Bs7VK5u7D%2ByHmCxDr%2FzXUg23LaPte7hMXHH0E2IkOhm1B7SWfWCBs%2BRtZGAa8R92Z5GQnhoWjRcSkxIW75m59ICF2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 22 Jun 2021 06:02:36 GMT
cache-control
max-age=3024000
cf-ray
6c8d031bfc5c8d85-ATL
cf-bgj
minify
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 01:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jan 2022 01:21:12 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Fri, 04 Feb 2022 13:21:52 GMT
fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
age
4255
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zde81DajrOSGaNzhNmZB3EnMOgaGmp2NMzfsa%2FIgcZ1Fzg6uwU38DOn%2FcP5FDDDnxtbckFqQ9gCYXjpt58co0mAZINYfsvi5cV0rD66AHVJGoe6OiXvs6L1AVcMeIU3S2XJl%2F0s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c8d031cba2c63ea-ATL
content-length
65452
292x176_source-code.jpg
www.bleepstatic.com/content/hl-images/2021/11/01/thumb/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2021/11/01/thumb/292x176_source-code.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6acff1111933c6f57a6c318d36cc774e7f037027145c71de37be9f6b4ad7075d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
146036
cf-polished
qual=85, origFmt=jpeg, origSize=57823
content-disposition
inline; filename="292x176_source-code.webp"
content-length
14534
last-modified
Mon, 01 Nov 2021 23:19:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPkffoDcPyvfO5XQlxAPj6sO3ZdFUm6iTPZopVv%2F7h3J%2FXNo4uNfX9v%2FF%2Bz9OkTzcjQSNfvxNcGigtk0JsnwLlevSkpUnHCdbwLPsR2dKo31TjJ7CWxH5CeQqEGGjEozvjv0X0I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 02 Feb 2022 20:47:56 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031c6d098d85-ATL
cf-bgj
imgq:85,h2pri
292x176_data-theft-header.jpg
www.bleepstatic.com/content/hl-images/2021/12/21/thumb/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2021/12/21/thumb/292x176_data-theft-header.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ef5895bd7f807078862598d231c2dded9b60d11f6399a49f3cfc456cda2218

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30100
cf-polished
degrade=85, origSize=43211, status=webp_bigger
content-length
10840
last-modified
Tue, 21 Dec 2021 19:52:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zruA6d0frM2x6n1wvJn%2B7L4y3qNkc5TibSMWf9tpIWIokeahYEW18I36ZcfA6cz%2FgB8H3TH%2BaCz68mlQVtWOnPuLtHxtZPlA4GAB7yQiyRxsdkq5lhGzU000c5PGSwNNk9FizR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 04 Feb 2022 05:00:12 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6c8d031c6d0b8d85-ATL
cf-bgj
imgq:85,h2pri
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3BDAE1FAB05E52F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56654
accept-ranges
bytes
content-length
948
x-amz-id-2
JQEtOEyiFCqCP1YLI1OIPGBGUg/WHgpDv22+z5rvn/G8szLTqEelRVwbxuu0H6mk2GphOf1hSec=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
etag
-1659864586--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=9, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
678
300lo.json
m.addthis.com/live/red_lojson/ 		136 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=61d59b7053063220&bkl=0&bl=1&pdt=9502&sid=61d59b7053063220&pub=ra-561517d2c7f964d6&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bleepingcomputer.com&fp=news%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=computers%2Cwindows%2Clinux%2Cmac%2Csupport%2Ctech%20support%2Cspyware%2Cmalware%2Cvirus%2Csecurity%2CBotnet%2CBrute%20Force%2CMalware%2CRansomware%2CStealthWorker%2CSynology%2CWarning%2Cvirus%20removal%2Cmalware%20removal%2Ccomputer%20help&colc=1641388912137&jsl=1&uvs=61d59b7003e70133000&skipb=1&callback=addthis.cbs.jsonp__68178861167231950
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2f8d806dc6b90488d987a8d48b97f94403ea30ba173eb8c573678b765c11076d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:52 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length
136
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D7B0 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C495 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
x-check-cacheable
YES
date
Wed, 05 Jan 2022 13:21:52 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0920899300397823&plah=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101736
x-xss-protection
0
server
cafe
etag
6975236974516728872
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Jan 2022 13:21:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 7DB6 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 04 Jan 2022 18:33:54 GMT
expires
Tue, 18 Jan 2022 18:33:54 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
67678
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2453
date
Wed, 05 Jan 2022 12:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 05 Jan 2022 14:40:59 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-24.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 13:49:32 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
87434
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f1742871ff3f5482a0c79a4d483d78a9.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
MPb84V7vp1PRfIi1vQTP_gSMBVSK59kZQ1sktltm7xory-4sao8yoQ==
pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
a.pub.network/core/pubfig/ 		324 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
216ebb79c108ef2e3b4e366b7f7f24d6526ae7e72b7230bfb236ca5a844a3c60

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=aeo4MA==, md5=m/T2/g+2/oNoWm3JL9/jHQ==
date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1101498
x-guploader-uploadid
ADPycdtJWke2Gdnad0nN4WvMpMobZYjfNEMzCcu5ArIDOxoz23-_5hyPedJ8jZVdYR9X9Lw2F2AzZEiwHTosjPrN4ugjWBvfrA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 03 Nov 2021 19:07:25 GMT
server
cloudflare
etag
W/"9bf4f6fe0fb6fe83685a6dc92fdfe31d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyHHTAbLzJmJ1aHQKZoh5fiPUky8jrNRuaof2JhmBIp2c38iYOHYelP1g5DdG%2B4qoZxnLaJ3AVfacnXPcuR4mCk%2BrOmWFqvjBLYQOqEyP7EhPR2uvph0iAjs95I5uRfDnwFZunPHwbaVGx8%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1635966445948173
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
332200
cf-ray
6c8d031d4e368d7f-ATL
expires
Thu, 23 Dec 2021 20:23:34 GMT
connatix.playspace.css
cds.connatix.com/p/144267/ 		96 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/144267/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4788aa41e5c2baf4838e97c2be52a34ff91e535da3d352847ae0d3c1ec9cdcb3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
last-modified
Wed, 05 Jan 2022 10:25:05 GMT
age
10350
etag
"9c60cef97473b19be4f331527d232d62"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13487
spc_fi.php
cdn.firstimpression.io/delivery/ 		39 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&charset=UTF-8&ch=13&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=60682535
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-111.ewr50.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
85ba03424cf0a803f7ddc324b0fe865cefd4616beeb73f2508ba580dc77f57f7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-amz-cf-pop
EWR50-C1
x-powered-by
PHP/7.3.23
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.bleepingcomputer.com
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 ce0d380336eb1f624e574285078b47f6.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
OhQ77fFgYatqVfYnILxZEx4sC_cXxDk8ZkDkFLSQtUQp1JXwITLAyA==
expires
0
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 05 Jan 2022 13:21:52 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
cookie.js
partner.googleadservices.com/gampad/ 		224 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bleepingcomputer.com&callback=_gfp_s_&client=ca-pub-0920899300397823
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0920899300397823&plah=www.bleepingcomputer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
ff7b267315145f4b0e335aad31708f8f0363b3d9ae17604477278765d6f69d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0920899300397823&plah=www.bleepingcomputer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0920899300397823&plah=www.bleepingcomputer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		119 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0920899300397823&plah=www.bleepingcomputer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2b4575b4edd142aac003bb68bd30c7c5195baf691bf005aba961626c69a2b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 05 Jan 2022 13:21:53 GMT
server
cafe
content-length
25856
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
private
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:16:00 GMT
content-encoding
gzip
age
352
x-guploader-uploadid
ADPycduPnysbXyz1kPndb1W2Fsk1gJjsS94hVV6qnoEkeOw9nsJ7ZrPy1PN4FHNrLFSvtjsfhbLj9V-0taCzJM-E-1SISGgOpw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3637
last-modified
Mon, 22 Nov 2021 21:22:46 GMT
server
UploadServer
etag
"9f5012774da47c70284c82ae0ce443d7"
vary
Accept-Encoding
x-goog-hash
crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation
1637616166247508
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
3637
accept-ranges
bytes
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df6526c391bb80ae6ff08485cd6178fd37c5857d9524a03758a63992d23ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27065
x-xss-protection
0
server
sffe
etag
"1092 / 843 of 1000 / last-modified: 1641382001"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Jan 2022 13:21:52 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
139 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e6b7308f574919308c9f6887ce5b2986fbcf19305dbe5f922f3ea9b0ce37d2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c8d031fefe563d5-ATL
date
Wed, 05 Jan 2022 13:21:52 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
467
etag
W/"2c36bbe78f483c30de735cb084d38735"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FjKvA3egh22wpHTVRB4Ysk1DaXphMV%2BaE32hVN3QKr6%2B5Ff5abOsrj1K8jHe9K4LDdQJ%2B%2FMTv2aXuGZJ9o%2FvWzBV49ftvEIyeuFa3r9tJnJNAq%2Fv4K5%2FYsnhbNWRq8WjPsDYmzM1TDXhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800, must-revalidate
content-encoding
br

Redirect headers

date
Wed, 05 Jan 2022 13:21:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNmdHILb6mprHua3JGm9FPENgQPEXPEhuDVF5iix8FRU1q8SQBVVS%2BnDLtYhbMy%2Ffz3vygAjw5GMU4BsSTw6r2%2FUMdn7LNj%2Brp%2Fp450V7hPsUX8Ztp0gix4OMB4Efa%2FogY9OlmFWOMXnKM%2Bw%2B5dnCrKV%2FpHnBWIrb50elQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
6c8d031f1fec1090-ATL
expires
Wed, 05 Jan 2022 14:21:52 GMT
184310-82987131453484.js
js-sec.indexww.com/ht/p/ 		0
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184310-82987131453484.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 12:36:00 GMT
Server
Apache
ETag
"762cc6-0-5d4d4ff0c9b66"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=929
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
20
Expires
Wed, 05 Jan 2022 13:37:21 GMT
prebid-analytics-4.42.7.js
a.pub.network/core/ 		458 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-4.42.7.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844d16730113c50876b1ea84b4ba3a56a4c0f115d04b8a25da0d558f1d799b00

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=Chz8kg==, md5=qHN8a/kkUDZkU6QAridSuQ==
date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64686
x-guploader-uploadid
ADPycdvGkbqvyzWNonD3r5JkXNbhc0bfIWJx7Miv6ms4XelDoWKLn-S516YdnGlalAeG3LTVDoRqowODXoWaEY9Dnp8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
last-modified
Wed, 03 Nov 2021 15:36:10 GMT
server
cloudflare
etag
W/"a8737c6bf92450366453a400ae2752b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7rUSMLxseH6zu42USqFKcTL1mMfGiuu6TaYlTXngsxGoQ9o6rqmXKa7g%2Fxv4ZXKt%2BSelay3YzZJbu6HLYm4cskA9z2rFx8KE6sqwdCjPNsthyzoxGZrpSGbZp%2FSk7IdS0nN473qntmVPnM%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1635953770715042
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
469259
cf-ray
6c8d031eb8d58d7f-ATL
expires
Wed, 04 Jan 2023 19:23:46 GMT
story
capi.connatix.com/core/ Frame 657E 		38 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
7a69759da40e034f214cad570cc327587c3d306b91bb95f49f1c690d4d721b57

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
transfer-encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 82F0 		262 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1631035003&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912175&bpp=1&bdt=587&idt=258&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=3472069565444&frm=20&pv=1&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=267
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0920899300397823&plah=www.bleepingcomputer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80149d1dee0ed711e09a7c419da52e83abbf557279e9f3353875278b740968d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 05 Jan 2022 13:21:53 GMT
server
cafe
content-length
64547
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=725107795&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ul=en-us&de=UTF-8&dt=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1062771569&gjid=429179000&cid=951479884.1641388912&tid=UA-91740-1&_gid=349757263.1641388912&_r=1&gtm=2ouc10&z=1514093469
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1641388912498&ns_c=UTF-8&cv=3.5&c8=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&c7=https%3A%2F...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1641388912498&ns_c=UTF-8&cv=3.5&c8=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&c7=https%3A%2...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1641388912498&ns_c=UTF-8&cv=3.5&c8=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&c9=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
13.225.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-24.ewr50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
via
1.1 f1742871ff3f5482a0c79a4d483d78a9.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
zyPV203FI-6Cu4ubsdadGx96jTLjqwYrN4w1qeiRH8H_qFITBaHyDg==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 05 Jan 2022 13:21:52 GMT
via
1.1 f1742871ff3f5482a0c79a4d483d78a9.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1641388912498&ns_c=UTF-8&cv=3.5&c8=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&c9=
content-length
338
x-amz-cf-id
T3X7ydoo0m_ema-6ojI7fr5pO0glMwn4Hz8QsPvN-0_OBi6WIFW7_w==
48.008759e9efe1c1b693dd.js
s7.addthis.com/static/ 		281 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-119"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Wed, 05 Jan 2022 13:21:52 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
246
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
last-modified
Wed, 05 Jan 2022 13:00:00 GMT
server
nginx/1.15.8
date
Wed, 05 Jan 2022 13:21:52 GMT
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
info.json
www.reddit.com/api/ 		23 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&jsonp=_ate.cbs.rcb_19yl0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
9153c1ca27e27bcbc558c2a027011742fdd39a7e463da6d715d6560561ef47f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ratelimit-used
2
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
accept-encoding
content-length
3271
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
x-clacks-overhead
GNU Terry Pratchett
server
snooserv
x-frame-options
SAMEORIGIN
date
Wed, 05 Jan 2022 13:21:52 GMT
x-ratelimit-remaining
298
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset
488
accept-ranges
bytes
expires
-1
info.json
www.reddit.com/api/ 		144 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&jsonp=_ate.cbs.rcb_h7qk0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
87608651a792a2c64173c3efbd6e3fddbef6ab3e960f64ec8e12bacefabfc9b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ratelimit-used
1
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
144
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
x-clacks-overhead
GNU Terry Pratchett
server
snooserv
x-frame-options
SAMEORIGIN
date
Wed, 05 Jan 2022 13:21:52 GMT
x-ratelimit-remaining
299
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset
488
accept-ranges
bytes
expires
-1
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Jan 2022 13:21:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		213 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bleepingcomputer.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
3fef19e536824cf94f0a91aa3c591c5cce3a2324b0cb39b2a848ec4ea8ff642c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125
x-xss-protection
0
expires
Wed, 05 Jan 2022 13:21:53 GMT
px.gif
ad-delivery.net/ 		43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.43736948751089133
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Wed, 05 Jan 2022 13:21:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2220
x-guploader-uploadid
ABg5-UwJqWnd_axXVSRH_RA45cVpf9_ZryZOhzimH2WXAgFKR17PaZF9n7rD2FeN8t2Zec7r092c7NmvJdn5LmMxbYpeHGEjvQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlU6XJStYqdNEHvd89Z0Yec2ewTqrMcXSVGFmxDFzTy1a0H%2FXQv%2FoqucMvNu0P6w3lRlA4OT%2BMOt%2BrHU62HKcKbmZw6lQeFj4tAI3cTmnFD%2BxGlEXKmO%2BWz2jiHiKL%2F8lPkLtI28mLVSl%2B8nGw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6c8d0320bf3c63c0-ATL
expires
Wed, 05 Jan 2022 13:44:52 GMT
sr
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
8a9333a639719887ee0dd2b1249ff87857b39d2799e3d76a954ac54179546616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27057
x-xss-protection
0
server
sffe
etag
"1092 / 202 of 1000 / last-modified: 1641382001"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Jan 2022 13:21:52 GMT
b4fa8aae-9fa4-42e7-8467-4bc445a87fb5.bin
vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 657E 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/b4fa8aae-9fa4-42e7-8467-4bc445a87fb5.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95f7f4c1cbf38685a6de7b8f3218361bd3594e38ca6b8ad21f05791f9a69483b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 08:26:03 GMT
age
17424
etag
"f2f6bfd89755c2120ecc018f5508e374"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
825
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 657E 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Wed, 05 Jan 2022 13:21:52 GMT
1.png
img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/1.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
age
2270332
etag
"o7hSHwAUmCBIixIgiGzuW02nJNU8oGEvPnjWp++AQj4"
access-control-max-age
86400
fastly-io-info
ifsz=11996 idim=794x206 ifmt=png ofsz=9784 odim=794x206 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
9610
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dIndex%26uid%3d
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3Dea5e916b51b048cabf316983e9db96c7%26pname%3DIndex%26uid%3D&s=190549&C=1
  • https://cks.connatix.com/cks?pid=17&ev=ea5e916b51b048cabf316983e9db96c7&pname=Index&uid=YdWbcBgovym-M.HPZmH3eQAA%26946
138 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=ea5e916b51b048cabf316983e9db96c7&pname=Index&uid=YdWbcBgovym-M.HPZmH3eQAA%26946
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62d5ad83a4e33983a920bf6654fcc57fc3fef27407a914148d97068e7ddd9fcf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
138
retry-after
0

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cks.connatix.com/cks?pid=17&ev=ea5e916b51b048cabf316983e9db96c7&pname=Index&uid=YdWbcBgovym-M.HPZmH3eQAA%26946
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
314
Expires
Wed, 05 Jan 2022 13:21:53 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dBeeswax%26uid%3d{userid}
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Dea5e916b51b048cabf316983e9db96c7%26pname%3DBeeswax%26uid%3D%7Buserid%7D&_bee_ppp=1
  • https://cks.connatix.com/cks?pid=15&ev=ea5e916b51b048cabf316983e9db96c7&pname=Beeswax&uid=AAFt-E7DqzcAABFrhrnOiw
132 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=ea5e916b51b048cabf316983e9db96c7&pname=Beeswax&uid=AAFt-E7DqzcAABFrhrnOiw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a54517b03468a66a0819a1d00eb8aecb97f52a780e76b56ec6c1d52d249f809d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
132
retry-after
0

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=ea5e916b51b048cabf316983e9db96c7&pname=Beeswax&uid=AAFt-E7DqzcAABFrhrnOiw
Date
Wed, 05 Jan 2022 13:21:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://cks.connatix.com/cks?pid=19&uid=1a63fcc3-1a56-4f35-8bf5-da845493f467&ttl=1643980912
146 B
197 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=1a63fcc3-1a56-4f35-8bf5-da845493f467&ttl=1643980912
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
252e95ca81539eaf33d8fa58af22be658917a22a57b469852db37937dc529ebd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cks.connatix.com/cks?pid=19&uid=1a63fcc3-1a56-4f35-8bf5-da845493f467&ttl=1643980912
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d21%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dAmobee%26uid%3D%23USER_ID%23
  • https://cks.connatix.com/cks?pid=21&ev=ea5e916b51b048cabf316983e9db96c7&pname=Amobee&uid=3747225568690969523
129 B
217 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=ea5e916b51b048cabf316983e9db96c7&pname=Amobee&uid=3747225568690969523
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba605786cfb90ed828ab9d2c256a211e28949b3ca0a2cc8d6f9fe00e3cf16d4f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
129
retry-after
0

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=ea5e916b51b048cabf316983e9db96c7&pname=Amobee&uid=3747225568690969523
pragma
no-cache
date
Wed, 05 Jan 2022 13:21:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dAppNexus%26uid%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253dea5e916b51b048cabf316983e9db96c7%2526pname%253dAppNexus%2526uid%253d%2524UID
  • https://cks.connatix.com/cks?pid=6&ev=ea5e916b51b048cabf316983e9db96c7&pname=AppNexus&uid=6285311477415990070
128 B
162 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=ea5e916b51b048cabf316983e9db96c7&pname=AppNexus&uid=6285311477415990070
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d41cb030de1d7a2477a3e547bb40d6c494c5ec421952469d41f3c2937052ad4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
128
retry-after
0

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:52 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 582.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b1168944-851d-47eb-b199-852d995440fa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cks.connatix.com/cks?pid=6&ev=ea5e916b51b048cabf316983e9db96c7&pname=AppNexus&uid=6285311477415990070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5089
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Jan 2022 13:21:53 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Date
Wed, 05 Jan 2022 13:21:52 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
userSync.js
ads.pubmatic.com/AdServer/js/ Frame 657E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:14 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300709-1af3-5c4c7cca9e573"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=27690
accept-ranges
bytes
content-type
text/javascript
content-length
2267
expires
Wed, 05 Jan 2022 21:03:22 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d9%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dCentro%26uid%3d{userId}
  • https://cks.connatix.com/cks?pid=9&ev=ea5e916b51b048cabf316983e9db96c7&pname=Centro&uid=no-consent
119 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=9&ev=ea5e916b51b048cabf316983e9db96c7&pname=Centro&uid=no-consent
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96d66ae034f09eab8282feb0a9fd951c2a12f7b5419981da6bfdb81453e658ec

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
119
retry-after
0

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:51 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cks.connatix.com/cks?pid=9&ev=ea5e916b51b048cabf316983e9db96c7&pname=Centro&uid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dSpotX%26uid%3d%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dSpotX%26uid%3d%24SPOTX_USER_ID&__user...
  • https://cks.connatix.com/cks?pid=10&ev=ea5e916b51b048cabf316983e9db96c7&pname=SpotX&uid=7275e6a9-6e2a-11ec-a4f5-1ff67a7c0503
146 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=10&ev=ea5e916b51b048cabf316983e9db96c7&pname=SpotX&uid=7275e6a9-6e2a-11ec-a4f5-1ff67a7c0503
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4499ebd756f5df85b0e94527e7855ff09b2f8f4026026d64ce831655dd5cc318

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

Date
Wed, 05 Jan 2022 13:21:53 GMT
Server
nginx
Location
https://cks.connatix.com/cks?pid=10&ev=ea5e916b51b048cabf316983e9db96c7&pname=SpotX&uid=7275e6a9-6e2a-11ec-a4f5-1ff67a7c0503
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
133
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=ea5e916b51b048cabf316983e9db96c7&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d5%26ev%3dea5e916b51b048cabf316983e9db96c7%26pname%3dTel...
  • https://cks.connatix.com/cks?pid=5&ev=ea5e916b51b048cabf316983e9db96c7&pname=Telaria&uid=db205cfb03c046878407cd33e7e645dd
141 B
175 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=ea5e916b51b048cabf316983e9db96c7&pname=Telaria&uid=db205cfb03c046878407cd33e7e645dd
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66c3fdb6b5dcdf6b55b6f4d25d728b4e56e623ad2288519c5aec05d919b65aa8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
141
retry-after
0

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=ea5e916b51b048cabf316983e9db96c7&pname=Telaria&uid=db205cfb03c046878407cd33e7e645dd
date
Wed, 05 Jan 2022 13:21:52 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
cm
us-u.openx.net/w/1.0/ Frame 657E 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&&r=%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D8%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerUserId%3D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=II2W3kgp&w=5733492711227392&o=5714937848528896&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 05 Jan 2022 13:21:52 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
ao
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame 657E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
623f2215b04f4c48ecb7599af6c7966a6f390300bc1a09708a4beb62ca8d4115

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
1618
ps
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
5dde3fdd-7b34-4d71-ad0f-89f1e3ee2995.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/5dde3fdd-7b34-4d71-ad0f-89f1e3ee2995.jpg?crop=834:541,smart&width=834&height=541&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df89283695b6065a1741d57f46ced9cde84176226d51797ce9d9827ef07fc0dc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
age
17725
etag
"GM6Ocf4w5289Lbg8MraRqg5jLwVaThtUyVqLvq4vWzs"
access-control-max-age
86400
fastly-io-info
ifsz=171318 idim=1600x900 ifmt=jpeg ofsz=42901 odim=834x541 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
42405
5dde3fdd-7b34-4d71-ad0f-89f1e3ee2995.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/5dde3fdd-7b34-4d71-ad0f-89f1e3ee2995.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
deab2e7ced9ecd10dc3a77f89b3e32d6b7a6befdee2f8e84a9ab702031e48d1c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
age
17725
etag
"/akTQA+c7k7sM6s/soLoJnVFhuXm7X9WM0gxAj0iOrE"
access-control-max-age
86400
fastly-io-info
ifsz=171318 idim=1600x900 ifmt=jpeg ofsz=38225 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
37744
f4c4024e-1090-48a2-8d5a-b205b86ed933.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/f4c4024e-1090-48a2-8d5a-b205b86ed933.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c6db71096e2bcb1918adbf9919913e60252156d48f20b03078a8e5b4409f49b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
age
17725
etag
"Vs8KsfTLGDGWfzBtCrfsbo+rqg0/Uq3MDY4mqfI5+iM"
access-control-max-age
86400
fastly-io-info
ifsz=205610 idim=1600x900 ifmt=jpeg ofsz=38238 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
37786
09b3a9bf-1f38-4d93-9a37-d98c62cf2d9d.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/09b3a9bf-1f38-4d93-9a37-d98c62cf2d9d.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3570725a333fb1545ddfd93f335f3cc9fbb3e7e342dbf990020cdaa3e9f2bd1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
age
17725
etag
"ZKLXgkWsARQwbsPovAQU2Z9kTknCBcW5jHgxJkTTEwk"
access-control-max-age
86400
fastly-io-info
ifsz=241600 idim=1600x900 ifmt=jpeg ofsz=46228 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
45800
c210746c-df6a-43f1-8aea-49e2b05e619d.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		9 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/c210746c-df6a-43f1-8aea-49e2b05e619d.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8e260667aaf894b165ae959bab6c605ab4e4c29c4ee66e18245dded3d60d1a0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
age
17725
etag
"9IlXa7nRpV5tWnQ0KILwp5aVk3ByG7MJtfrRko0ITeU"
access-control-max-age
86400
fastly-io-info
ifsz=43238 idim=1600x900 ifmt=jpeg ofsz=9123 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7971
a185edcd-d51f-4597-b3c5-1fa1f338b04c.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		27 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/a185edcd-d51f-4597-b3c5-1fa1f338b04c.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df3186df6df487ed591fa020ba2bcef11884c0cdfd212d22ddad6f3ff45734cb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
br
age
17725
etag
"SBhdRSzv1F9cxJbqDGzhdi1EuyoAfTg6MB1GdcezwoI"
access-control-max-age
86400
fastly-io-info
ifsz=174619 idim=1600x900 ifmt=jpeg ofsz=27234 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
26208
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-api-key
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age
3600
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
strict-transport-security
max-age=31536000;includeSubDomains;preload;
content-length
0
via
1.1 google
alt-svc
clear
floors
api.floors.dev/sgw/v1/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
44c372895d511547386c9f8643ae003cf0a9e4c9195bd94e7840519063d870b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
via
1.1 google
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=31536000;includeSubDomains;preload;
alt-svc
clear
expires
0
us
capi.connatix.com/core/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2753 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=108638
expires
Thu, 06 Jan 2022 19:32:30 GMT
date
Wed, 05 Jan 2022 13:21:52 GMT
vary
Accept-Encoding
us
capi.connatix.com/core/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
PugMaster
image6.pubmatic.com/AdServer/ Frame 2753 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40095321&p=156592&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5e619664fa0975bea59b4b84ffe319b3e7152de3cfb3fabc29a1882ed5df03d5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
us
capi.connatix.com/core/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 973E 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Thu, 30 Dec 2021 20:19:52 GMT
expires
Fri, 30 Dec 2022 20:19:52 GMT
last-modified
Thu, 23 Dec 2021 20:15:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
493321
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 657E 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jan 2022 13:21:53 GMT
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame EE17 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Thu, 30 Dec 2021 20:19:52 GMT
expires
Fri, 30 Dec 2022 20:19:52 GMT
last-modified
Thu, 23 Dec 2021 20:15:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
493321
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame E4A5 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Thu, 30 Dec 2021 20:19:52 GMT
expires
Fri, 30 Dec 2022 20:19:52 GMT
last-modified
Thu, 23 Dec 2021 20:15:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
493321
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A593 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:35:43 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6976 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:35:43 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 623B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:35:43 GMT
us
capi.connatix.com/core/ Frame 657E 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
transfer-encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
us
capi.connatix.com/core/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi.connatix.com/core/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
de974e0de653beaf8b7a147538108e14.js
www.gstatic.com/mysidia/ Frame 7DA9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de974e0de653beaf8b7a147538108e14.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3353
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Apr 2022 06:18:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
d8c62b0d4ac621bedd0ca5a4e96b12a77118338d4166f94d65c15bb154d455aa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
4VmutqpMSKe44XUliQiub0_OOWAXoLbl
content-encoding
gzip
etag
4da12c74ee926b2a11a4e43bfb72b2fd
age
3715
x-cache
Hit from cloudfront
server
Server
x-amz-rid
19G4GG8FBVKN6XJCW08F
date
Wed, 05 Jan 2022 12:27:24 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ryiekCj0Ms-3lxbi-lX3wVivGMKLtKhiZHTb5AmMU5XHSeZGBAHjpQ==
op.js
tagan.adlightning.com/freestar/ 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/op.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
224b7961c43e25f6d5508be4a91d5639cdfb8054c460e4b93d3713aa18dbdf04

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:24:49 GMT
content-encoding
gzip
age
3425
x-cache
Hit from cloudfront
content-length
24068
x-amz-meta-git_commit
5a99e50
last-modified
Tue, 04 Jan 2022 18:54:30 GMT
server
AmazonS3
etag
"d3d909666e2c74faea87e83fa3480efb"
x-amz-version-id
U_UDvECDOn6eUnc9bxKt8jcocrm0BfZU
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
czmyO_YUnmWl6zqPg-jm8_Vyk9s3aHaxWDTQSdNclGHjh6WAKNWdEQ==
usync.js
eus.rubiconproject.com/ Frame 5089 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d5de6a492eec0c85725a0fb6a14dfb084d255c5915b03df9360f91d7630f3c1e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81256
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 06 Jan 2022 11:56:09 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7DA9 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:13:56 GMT
73ef1b0c52822f52f7d215f1f6e76f47.js
www.gstatic.com/mysidia/ Frame 7DA9 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/73ef1b0c52822f52f7d215f1f6e76f47.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de67a62db6da8cd030da7dbe265b824217d72b8ae71e01191668fbe6b90e53ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 06:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8067
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 06:39:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 7DA9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:16:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:16:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7DA9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:20:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7DA9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:13:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DA9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:53 GMT
us
capi.connatix.com/core/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi.connatix.com/core/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
match
c1.adform.net/serving/cookie/ Frame 9DB5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=54621527-E2AF-48B3-9A20-16DF7E99F819
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54621527-E2AF-48B3-9A20-16DF7E99F819
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54621527-E2AF-48B3-9A20-16DF7E99F819
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 05 Jan 2022 13:21:53 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=54621527-E2AF-48B3-9A20-16DF7E99F819
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 133C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&_test=YdWbcQADT-oI8wAm
1 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&_test=YdWbcQADT-oI8wAm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug010:0:927
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&_test=YdWbcQADT-oI8wAm
accept-ranges
bytes
date
Wed, 05 Jan 2022 13:21:53 GMT
via
1.1 varnish
x-served-by
cache-atl18459-ATL
x-cache
HIT
x-cache-hits
0
x-timer
S1641388913.387086,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 7C7B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGdC1FN0RxemNBQUJGcmhybk9pdw&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFt-E7DqzcAABFrhrnOiw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFt-E7DqzcAABFrhrnOiw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFt-E7DqzcAABFrhrnOiw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_curr...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5306905266731188593
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFt-E7DqzcAABFrhrnOiw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5306905266731188593%26bee_sync_partners%3Dpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?userid=5306905266731188593&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFt-E7DqzcAABFrhrnOiw
42 B
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFt-E7DqzcAABFrhrnOiw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug005:0:583
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 05 Jan 2022 13:21:54 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFt-E7DqzcAABFrhrnOiw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync.aspx
dis.criteo.com/dis/ Frame 2CF4 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 05 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
626173
strict-transport-security
max-age=31536000; preload;
141
match.deepintent.com/usersync/ Frame 734E 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
content-type
image/gif
content-length
0
date
Wed, 05 Jan 2022 13:21:52 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 60C6
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=72db71b4-6e2a-11ec-b017-01e8582d969d
42 B
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=72db71b4-6e2a-11ec-b017-01e8582d969d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 11:20:06 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug030:0:361
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 05 Jan 2022 13:21:53 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=72db71b4-6e2a-11ec-b017-01e8582d969d
X-RealServer-NX
sjc-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 0E67
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tzhAVoWfRqRKm_zjxtAwa1x3E0k
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tzhAVoWfRqRKm_zjxtAwa1x3E0k
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug013:0:552
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 05 Jan 2022 13:21:53 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tzhAVoWfRqRKm_zjxtAwa1x3E0k
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame A9E1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:GI2D34ul1N56eJ5&gdpr=0&gdpr_consent=
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:GI2D34ul1N56eJ5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug014:0:551
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 05 Jan 2022 13:21:53 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:GI2D34ul1N56eJ5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-09ea9fd12bd276632@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
i.match
s.tribalfusion.com/z/ Frame 2813
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8d03252e5063cf-ATL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
5550
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8d03245c6f63cf-ATL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Pug
image2.pubmatic.com/AdServer/ Frame 86D5
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7d00d6a9-384d-4a07-aea7-14a7f41eb807
1 B
563 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7d00d6a9-384d-4a07-aea7-14a7f41eb807
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 08:27:49 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va2pug009:0:545
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7d00d6a9-384d-4a07-aea7-14a7f41eb807
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 859E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=637414288351
42 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=637414288351
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug012:0:873
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Length
0
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=637414288351
Pug
simage2.pubmatic.com/AdServer/ Frame AB40
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8943010024
  • https://sync.1rx.io/usersync/tradedesk/1a63fcc3-1a56-4f35-8bf5-da845493f467
  • https://sync.targeting.unrulymedia.com/csync/RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 12:02:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug025:0:473
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Wed, 05 Jan 2022 13:21:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
ETag
RX7dee9e15f789480db5b70485aa3d433e005
Pug
simage2.pubmatic.com/AdServer/ Frame E5FF
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ6946753131882517221&uid=Q694675313188251...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6946753131882517221
42 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6946753131882517221
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug029:0:396
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Apache/2.2.15 (CentOS)
Content-Length
154
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6946753131882517221
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Cache-Control
max-age=60203
Date
Wed, 05 Jan 2022 13:21:53 GMT
Connection
keep-alive
usersync
match.bnmla.com/ Frame 633D 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 05 Jan 2022 13:21:53 GMT
Content-Length
0
Connection
keep-alive
us
capi.connatix.com/core/ Frame D92A 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=2&UserId=ea5e916b51b048cabf316983e9db96c7&DemandPartnerName=Pubmatic&DemandPartnerUserId=54621527-E2AF-48B3-9A20-16DF7E99F819
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-credentials
true
content-type
application/json
date
Wed, 05 Jan 2022 13:21:53 GMT
server
Kestrel
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2753
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VGIVJ-KvSLOaIBbffpn4GQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=108637
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 06 Jan 2022 19:32:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 2753
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=54621527-E2AF-48B3-9A20-16DF7E99F819
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDU0NjIxNTI3LUUyQUYtNDhCMy05QTIwLTE2REY3RTk5RjgxORAAGg0I8bbWjgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=27139ccf4455b1fdfb57784b963edcd1c4c2e39ffb1684d94c95c6877169994b791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyNzEzOWNjZjQ0NTViMWZkZmI1Nzc4NGI5NjNlZGNkMWM0YzJlMzlmZmIxNjg0ZDk0Yzk1YzY4NzcxNjk5OTRiNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyNzEzOWNjZjQ0NTViMWZkZmI1Nzc4NGI5NjNlZGNkMWM0YzJlMzlmZmIxNjg0ZDk0Yzk1YzY4NzcxNjk5OTRiNzkxNDI2YjU0MTdkY2UyMRAAGgwI8bbWjgYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1641388914
x-served-by
beacon-n032-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
date
Wed, 05 Jan 2022 13:21:54 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a001-ash-prod.krxd.net
SPug
image4.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=403961d5-9b71-4f00-9cc6-be00ed2c04ce
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=403961d5-9b71-4f00-9cc6-be00ed2c04ce
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 05 Jan 2022 13:21:53 GMT
Server
MT3 4133 baa842e master iad-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=403961d5-9b71-4f00-9cc6-be00ed2c04ce
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:21:52 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2MjE1MjctRTJBRi00OEIzLTlBMjAtMTZERjdFOTlGODE5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug002:0:425
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPpCU9fqoqyDenkIGJeIMFM&google_cver=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPpCU9fqoqyDenkIGJeIMFM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 08:32:08 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug001:0:513
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPpCU9fqoqyDenkIGJeIMFM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
42 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug001:0:498
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 05 Jan 2022 13:21:53 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 04 Jan 2022 13:21:53 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1a63fcc3-1a56-4f35-8bf5-da845493f467
42 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1a63fcc3-1a56-4f35-8bf5-da845493f467
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 10:33:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug026:0:479
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1a63fcc3-1a56-4f35-8bf5-da845493f467
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3747225568690969523&gdpr=0&gdpr_consent=&us_privacy=
1 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3747225568690969523&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 11:20:06 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug030:0:486
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3747225568690969523&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 05 Jan 2022 13:21:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:050e61d5-9b71-4f00-a1bc-dfd497875439&gdpr=0&gdpr_consent=
42 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:050e61d5-9b71-4f00-a1bc-dfd497875439&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:02:57 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug025:0:340
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 05 Jan 2022 13:21:53 GMT
Server
MT3 4133 baa842e master iad-pixel-x20 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:050e61d5-9b71-4f00-a1bc-dfd497875439&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:21:52 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54621527-E2AF-48B3-9A20-16DF7E99F819&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54621527-E2AF-48B3-9A20-16DF7E99F819&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_LMFAZpE2uVhSfiJKtQrUQ.SRI0zPUE-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_LMFAZpE2uVhSfiJKtQrUQ.SRI0zPUE-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_LMFAZpE2uVhSfiJKtQrUQ.SRI0zPUE-~A&gdpr=0&gdpr_consent=
date
Wed, 05 Jan 2022 13:21:53 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
54621527-E2AF-48B3-9A20-16DF7E99F819
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2753 		43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/54621527-E2AF-48B3-9A20-16DF7E99F819?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6285311477415990070&gdpr=0&gdpr_consent=
42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6285311477415990070&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:590
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:53 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6fe82061-d3d6-4285-9a49-46f970f7fc26
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6285311477415990070&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 2753 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.169.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-169-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=54621527-E2AF-48B3-9A20-16DF7E99F819&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5682de822b7f1221&is_secure=true&networkId=17100&version=1&nuid=54621527-E2AF-48B3-9A20-16DF7E99F819&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcYwmOs80YQMR8Rs6AAAAAAA&expiration=1641475313&nuid=54621527-E2AF-48B3-9A20-16DF7E99F819&...
42 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcYwmOs80YQMR8Rs6AAAAAAA&expiration=1641475313&nuid=54621527-E2AF-48B3-9A20-16DF7E99F819&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug017:0:700
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcYwmOs80YQMR8Rs6AAAAAAA&expiration=1641475313&nuid=54621527-E2AF-48B3-9A20-16DF7E99F819&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=72e5d80a-6e2a-11ec-9c3a-99462fc17f30&gdpr=0&gdpr_consent=
1 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=72e5d80a-6e2a-11ec-9c3a-99462fc17f30&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug029:0:462
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=72e5d80a-6e2a-11ec-9c3a-99462fc17f30&gdpr=0&gdpr_consent=
Date
Wed, 05 Jan 2022 13:21:53 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
72e5d80b-6e2a-11ec-9c3a-99462fc17f30
Pug
image2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XWPPxVIwnMFGasiVWGaGwl5mnZRGN5rBXzEsAzHu
42 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XWPPxVIwnMFGasiVWGaGwl5mnZRGN5rBXzEsAzHu
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug002:0:465
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XWPPxVIwnMFGasiVWGaGwl5mnZRGN5rBXzEsAzHu
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sn.ashx
pmp.mxptint.net/ Frame 2753
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B332_E93857CB_283A4EF6&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Server
204.2.255.233 , United States, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-324375714; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:53 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-324375714; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:712
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 08:32:41 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug010:0:375
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a9b2050e-aa70-43f1-96df-c187e79e72a6&user_group=1&ssp=pubmatic&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&gdpr_pd=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug029:0:334
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 05 Jan 2022 13:21:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8664334389647396867
42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8664334389647396867
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 11:15:40 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug028:0:395
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8664334389647396867
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1723
date
Wed, 05 Jan 2022 13:21:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:44af:4f54:8af4:5563 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 12 Jan 2022 13:21:53 GMT
freestar.js
dggaenaawxe8z.cloudfront.net/ic/audiencesegment/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dggaenaawxe8z.cloudfront.net/ic/audiencesegment/freestar.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.205.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-105.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ace5c7a57a33a8c21d81ff1ab27c6e2fb71d14c98f007bc9e990880063a32b42

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 07:12:31 GMT
content-encoding
gzip
last-modified
Mon, 20 Dec 2021 06:25:02 GMT
server
AmazonS3
age
22163
etag
W/"069b7e72e08ae247bc61b83397caaea1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
AvGqUzaygrRd-Br3eyu_FhPa9XgdUlg4cUQ5k89a3RGQbpCyResCcg==
load.js
s.ntv.io/serve/ 		392 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.163 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3e6aee43ce232f5c967d532d699c8dd2366873b4a61a6d6cbebb3606174a4a61

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:53 GMT
Content-Encoding
gzip
x-amz-request-id
FJY3ZQRJWF9K03JB
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
0K+x6tXN7u15zo+K08x+uUS0SW79YPo026cVmZfJKXwfOqmyVaiKlmeBTX1rMVhgJV7ysHKvaK8=
Last-Modified
Tue, 07 Dec 2021 20:43:26 GMT
Server
AmazonS3
ETag
"0de0bc397fd51514098ef13d672152b4"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=FQ5wH3xHNTFmTWgva3VKMXlFK3dCajZreFpjVjQrZXNTeGhLYWliS1VEYjZaZ1JFT3FvS25WQzNKcGtOd1ZDaS92eUR3ZC9FalFtUWRXSWdTU0h5R3ViaW5udVJ3Wm80SGhpSkpoSTVGN1pWTDRLbXBsY1lPRmJHUVpTR1...
366 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FQ5wH3xHNTFmTWgva3VKMXlFK3dCajZreFpjVjQrZXNTeGhLYWliS1VEYjZaZ1JFT3FvS25WQzNKcGtOd1ZDaS92eUR3ZC9FalFtUWRXSWdTU0h5R3ViaW5udVJ3Wm80SGhpSkpoSTVGN1pWTDRLbXBsY1lPRmJHUVpTR1ZlZWlBNGxlalRJRzc4MzZLRmZMNWI4VUxLNE5yZXBUYXVTWmxFbkNlUHFrT0ZsaWVLK3NXYkI0Z0Ixd1RlNG1qdDlSWkVORXFGbWtoZXdYb3ZtK2kxejRMaVZYOXUra3JkSDlMS3B5K0ZlZ3hlUkFWbXpkNmtDOTM0Z3ZlK2xxT20ySTVsTFk1fA&cppv=2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
add8676db3e2f2b6e681d707ec2c2077c3091d42fbcdffe13515245c5faec607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3474
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:52 GMT
location
https://mug.criteo.com/sid?cpp=FQ5wH3xHNTFmTWgva3VKMXlFK3dCajZreFpjVjQrZXNTeGhLYWliS1VEYjZaZ1JFT3FvS25WQzNKcGtOd1ZDaS92eUR3ZC9FalFtUWRXSWdTU0h5R3ViaW5udVJ3Wm80SGhpSkpoSTVGN1pWTDRLbXBsY1lPRmJHUVpTR1ZlZWlBNGxlalRJRzc4MzZLRmZMNWI4VUxLNE5yZXBUYXVTWmxFbkNlUHFrT0ZsaWVLK3NXYkI0Z0Ixd1RlNG1qdDlSWkVORXFGbWtoZXdYb3ZtK2kxejRMaVZYOXUra3JkSDlMS3B5K0ZlZ3hlUkFWbXpkNmtDOTM0Z3ZlK2xxT20ySTVsTFk1fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2723
content-length
509
expires
0
arj
freestar-d.openx.net/w/1.0/ 		73 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d919caee-afe2-4b2c-8879-e05228baf3c8&nocache=1641388913315&pubcid=a8ba9641-1c73-4b3d-9b45-203e79f1ab5b&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&aus=728x90%2C970x90&divids=bleepingcomputer_970x90_728x90_320x50_sticky&aucs=%252F15184186%252Fbleepingcomputer_970x90_728x90_320x50_sticky%252Fbleepingcomputer_970x90_728x90_320x50_sticky&auid=540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
51f95e632f7eacb16867bfd50ae647a58f9a995faf6796e3f8ac459f9d308bef

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
385cd14e648529eee30cb97504ef5052e7f5940cd639b9d2b9e63307ceacd0b4

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:21:52 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
auction
c.deployads.com/openrtb2/ 		443 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_4.42.1&host=www.bleepingcomputer.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
9ec1780246d28288d94b8ebc647d37766e61d8b31c29bf9264fba31be29e22ca

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
443
expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5f2ad9c616363f8d76278c5bc9591ff5bcf5c79f72233581873863af1cd11d31

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7c9b4720ecb0228a7b59dbe3c2954336d078c97eaa47d7001f4f62d63962c735
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Jan 2022 13:21:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6b01783a-83ff-42af-8df2-39db6a0fb581
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c8d0324c9d1eaeb-ATL
access-control-allow-headers
origin, content-type
hb
ssc.33across.com/api/v1/ 		118 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dPGcAuqZ0r6Ok4aKlId8sQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4422923c1bdaa40600526024e5255d4659d5d2afd3ceb76bb39883848f4b51ff

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e6acc092d263539bf15339b6441850f66e744ac89695fb52206ae7c51aff3f75

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c4f7dc98522529acbf36e413025ea01d951d34044f84f5f6ffd7b7e17ebfc967

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
0
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:53 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
hbjson
grid.bidswitch.net/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
cygnus
htlb.casalemedia.com/ 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=393562&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22267b3fa18598174%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22279406cd2b9acb9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22287097293f5c645%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.175.77 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-175-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
429b804106a65545f65a57732906d18a9323bb26ab144ab388d5a52ac04bd7a5

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
x-ak-initial-geo
CC:[US], RC:[GA], CN:[NA], CIP:[92.119.19.73], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
x-cs-client-geo
23
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
23
expires
Wed, 05 Jan 2022 13:21:53 GMT
auction
tlx.3lift.com/header/ 		19 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.42.1&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.33.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-33-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.42.1&p=%5B%7B%22placement_id%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22callback_id%22%3A%2232c304bca9b5c4b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%5D&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&bust=1641388913336&pr=&scrd=1&dnt=false&description=Taiwan-based%20NAS%C2%A0maker%C2%A0Synology%C2%A0has%20warned%20customers%20that%20the%20StealthWorker%20botnet%20is%20targeting%20their%20network-attached%20storage%20devices%20in%20ongoing%C2%A0brute-force%20attacks.&title=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=a8ba9641-1c73-4b3d-9b45-203e79f1ab5b&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.253.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-253-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		139 B
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
54a5777ef475788a604516e4a827f3d9564753a931f919b24219264ed8e25a5c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:53 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
2e105863-c758-4ba9-a00e-cdff04c99a3f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		758 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&rp_schain=1.0,1!freestar.com,412,1,,,&eid_pubcid.org=a8ba9641-1c73-4b3d-9b45-203e79f1ab5b%5E1&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-9%2CIAB19-10&tg_i.sectioncat=IAB19-9%2CIAB19-10&tg_i.pagecat=IAB19-9%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tg_i.fs_ad_product=stickyFooter&tg_i.dfp_ad_unit_code=15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tg_i.pbadslot=15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tk_flint=pbjs_lite_v4.42.1&x_source.tid=d919caee-afe2-4b2c-8879-e05228baf3c8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.00823678049976495
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2f32f3641806a677b11acb4a92048d9d8f61b7c3047ca66fefc589440d06fd89

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:53 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
758
Expires
Wed, 17 Sep 1975 21:32:10 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5089 		284 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/jpg
downsize_200k_v1
tpc.googlesyndication.com/simgad/13082891081201222343/ Frame 7DA9 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13082891081201222343/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43ff03ab80f81f266774cedd1c8e839aa6fe9340e66b43e7a02510726cf3a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 11:20:38 GMT
x-content-type-options
nosniff
age
525675
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53729
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 07:10:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Dec 2022 11:20:38 GMT
4854627027205427207
tpc.googlesyndication.com/icore_images/ Frame 7DA9 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/4854627027205427207
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e74d0f692473e4a1a14987ea3f8bef5956156dfec78e8c971d7f054995b1105c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12394
x-xss-protection
0
last-modified
Sat, 15 May 2021 01:22:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 13:21:53 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/2349193778083172754/ Frame 7DA9 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2349193778083172754/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86dcec074dbfc057d84e6a0682a09b1d4fdca48c8b7db48db0ea2bb53921db0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 17:00:35 GMT
x-content-type-options
nosniff
age
73278
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153918
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 10:19:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Jan 2023 17:00:35 GMT
15112641275816879825
tpc.googlesyndication.com/icore_images/ Frame 7DA9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/15112641275816879825
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd03d11351c930f319e80055ae27e9ad56be3642a034648a5a62a10822ffea8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 15:15:42 GMT
x-content-type-options
nosniff
age
511571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15809
x-xss-protection
0
last-modified
Sat, 26 Dec 2020 16:16:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Dec 2022 15:15:42 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7093329467737184342/ Frame 7DA9 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7093329467737184342/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a3f7d24e555b79f73a1d5770b14d1456f33b9d4da7d5599d2ad5a1c4a2ac37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 19:26:38 GMT
x-content-type-options
nosniff
age
237315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91789
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 18:24:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 02 Jan 2023 19:26:38 GMT
1809640635101893838
tpc.googlesyndication.com/daca_images/simgad/ Frame 7DA9 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/1809640635101893838
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d86120fb9383705f56580ae2b9b9251126c8a727a7aec2e6a1cf09d41ab3a891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53874
x-xss-protection
0
last-modified
Wed, 08 Feb 2017 18:58:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 13:21:53 GMT
15873670862007106512
tpc.googlesyndication.com/icore_images/ Frame 7DA9 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/15873670862007106512
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fee252de930dd5412cacb6b6c8f24694ddf06b3ee325e0be67cd351acb2f4c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17546
x-xss-protection
0
last-modified
Sat, 15 May 2021 01:23:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 13:21:53 GMT
1242355791437087463
tpc.googlesyndication.com/icore_images/ Frame 7DA9 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/1242355791437087463
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bfc2c2ee9af9b35c72c475c8c25d1004f5b43e34b2da6bfd4d99798afe12c9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 02:29:36 GMT
x-content-type-options
nosniff
age
384737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13982
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 03:01:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Jan 2023 02:29:36 GMT
pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
a.pub.network/core/pubfig/ 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c529e436f076bdd932736e1e7c90e229bff81b381de87eb8697f7222c0d841e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=rzn4Hw==, md5=eB0PgcfO/6vocxzVJUb9Ug==
date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1101498
x-guploader-uploadid
ADPycdvIQTLNLGiVsKQ2M87gV_JhkzupW3w7hV28ZHTeeibgSN6hQKv3VAOabThVqcZ9i6orhCKFuN5HykBgkAbrJ8FHdv1hBQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 03 Nov 2021 19:07:29 GMT
server
cloudflare
etag
W/"781d0f81c7ceffabe8731cd52546fd52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9y8Io4pRY6ByAPM8%2FXSab0dD0Q8TZty7j2I5hpjk0Y%2BPQd9dEzd86fR7DqMEWILbybFEZ5UY3gpaC047qG8pXcV6dS%2BmjVhlmK2Gq3HbNrsTjdDSwu%2B8nsg9X9jylgj4%2FAQr%2BiI3WYI280%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1635966449401232
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
186040
cf-ray
6c8d032559f48d7f-ATL
expires
Thu, 23 Dec 2021 20:23:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C71FNcJvVYdHpHILJ_gSdgr6ABv35vZ1mpJ-bkqMPivz8ytkNEAEgx4P8ASgIYLsGoAGFzu3CAsgBBqkCr4rmWE3fTD6oAwHIAwKqBLACT9Blbjt3mOjdkfPG9b1lDL-AbvQXOX84XWd2tjqSygcVjPXuwSz0kcoZJYiqkBuW7KS07w2TvvilyDZgKdb2t2ONzAya5DZqv9JKRvLvSkaIyxtfyc1s28nT2hanNoG7Db7VsWEtqLFgIvclxhmJAbRNN2TfCfCXDLbOjd8iyf_Y-OPQRXLid7V3Zvf5eyUPcwHsRpawrux2tiTOb036qt2iENjRjAIUvLOmD9P6g8NJ0Z8EnWDibRJ0T4KS-wDFvz-q0K37RIWIgsk1eZryxck3g6MIDrJRiNwsDYym3zGgmJ4lVw7Azv6IzwGerXU_iDRtR1xj0IxkR09HwerffjE-Q0CNkq0mLuROqkh9s2AWcR8ZJzj-5oS58eWEQBfW9GAFCBOlZxP7ZSRIsJvHxsAE4vDqyeMCkgUECAQYAZIFBAgFGASgBjeAB-Oxkr0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqaZm0ggJCIDhgHAQARgfgAoByAsBwhMGGIXO7cIC2BMC0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=QRiyMGJVcbA&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChEwjcJvVYdHpHILJ_gSdgr6ABqXVnbEFjdzCup8Cpp6tjWsQAiDHg_wBKAhguwbIAQGoAwHIAwKqBPEBT9DC7aMFgVvkiDawmuRwF_SHcvgcLnU5V3Rsry-VkAEIzyyAq67GooofIcBFoUQkmb-s6EPM4rX9kG91Mp3xq2-G2wab7iVwpsdNHPTyCQqJw0NCg8l6l8_E0BescIa7TKLAsGk46qF4fe43mRicAbZKdn7fF-LbF72FgdIwxfLLvOPWGzHnYe56YOTjNTcVKh6oQJ_zr-J1sirRfQNIzfPKEWITZgAFu-MxZXYQaGv4O3TfRpAJboNy43Q6cejGZ8hc0237RDR-gUk_eW8Exsn3g1b-DbJRginaDoym3cRWm54lV_s2zP6Iz-Ntc5eEvsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqaZm0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=6BIEhN6YbWo&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CrKiJcJvVYdHpHILJ_gSdgr6ABtv5wPhjkMjvsYQPwLTq248OEAMgx4P8ASgIYLsGoAGXu8OdAcgBBqkCDCgma571sj6oAwHIAwKqBMACT9A3eeklg9HkIkDfmr1lVfOOZ_QCIHgxWWt0qz-T2xBJwfnsFpfyrsEeacWvkPFNgqOo7wmQ9-2lkDZgcJr4vmOY1QuT4DpootdLV-WzB0qKiVpU28kwh9_VzBG8K4ztUbTCsGIuoK80eOE22gTXQ70Gd2jSEuaEG_6Kitchz-jF_-qaBn3wKfx2dejzfTNRKR_xWtPvveNrqibUeV7t4AojE1kTj8veJqyBJmgQaHvwO3TeQY0J_4WapCozGeseZchc0637ADR-AUk1eW8Exgn3g1b-DbJbginaDoym38RWm54lV_s2zf6IzfZornU_iMGbRV1j0GyC7xVVl1U-mZogdc5KV6UmLqSUOnFXb1ARCdwE2CzLmSutfk9oswTyUPGL-K-4XbRYpc_OUm0X176S-65s10WOCOuE2RJDepXABNG1kZ3QA5IFBAgEGAGSBQQIBRgEoAY3gAfRxLziAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKmmZtIICQiA4YBwEAEYH4AKAcgLAcITBhiXu8OdAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=K_c4wZyfylM&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CD7WCcJvVYdHpHILJ_gSdgr6ABqXVnbEFjdzCup8Cpp6tjWsQBCDHg_wBKAhguwbIAQGoAwHIAwKqBPEBT9DC7aUFgVvkiDawmuRwF_SHcvgcLnU5V3Rsry-VkAEIzyyAq67GooofIcBFoUQkmb-s6EPM4rX9kG91Mp3xq2-G2wab7iVwpsdNHPTyCQqJw0NCg8l6l8_E0BescIa7TKLAsGk46qF4fe43mRicAbZKdn7fF-LbF72FgdIwxfLLvOPWGzHnYe56YOTjNTcVKh6oQJ_zr-J1sirRfQNIzfPKEWITZgAFu-MxZXYQaGv4O3TfRpAJboNy43Q6cejGZ8hc0237RDR-gUk_eW8Exsn3g1b-DbJRginaDoym3cRWm54lV_s2zP6Iz-Ntc5eEvsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqaZm0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=cEw30h9g4Ug&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgVZDcJvVYdHpHILJ_gSdgr6ABq2cg6Rn_tH-79sO29keEAUgx4P8ASgIYLsGoAH6x96EA8gBBqgDAcgDAqoErAJP0C4E4CWF0eQiQN-avWVV845n9AIgeDFZa3SrP5PbEEnB-ewWl_KuwR5pxa-Q8U2Co6jvCZD37aWQNmBwmvi-Y5jVC5PgOmii10tX5bMHSoqJWlTbyTCH39XMEbwrjO1RtMKwYi6grzR44TbaBNdDvQZ3aNIS5oQb_oqK1yHP6MX_6poGffAp_HZ16PN9M1EpH_Fa0--942uqJtR5Xu3gciATERMlxxVJE9r3y_qDwyvWnwTVY-JtKHhPguHzHcVnPV-XWPjEwX2BvDZ5WgfGPPSDo_cNR1KC3NkOeaXfMVWbayZXDjXPC4vPA2uugDyJNJhEvWU7JDo6X-XY5VqU-5q69cxgPywN7IGRtdym9T0VepQyi9YfGq3Z4L7HviVn7ov4r79d-GnerMjABNL0nJ7hA5IFBAgEGAGSBQQIBRgEoAY3gAfut6F7qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqaZm0ggJCIDhgHAQARgfgAoByAsBwhMGGPrH3oQD2BMN0BUBmBYBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=lOUruIoGk7Q&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CH21IcJvVYdHpHILJ_gSdgr6ABs6VlKZn7b2ekYUP6tTb5o4OEAYgx4P8ASgIYLsGoAG6hcurKMgBAakCCafmnNS1tj6oAwHIAwKqBMACT9AxJ4MlhtHkIkDfmr1lVfOOZ_QCIHgxWWt0qz-T2xBJwfnsFpfyrsEeacWvkPFNgqOo7wmQ9-2lkDZgcJr4vmOY1QuT4DpootdLV-WzB0qKiVpU28kwh9_VzBG8K4ztUbTCsGIuoK80eOE22gTXQ70Gd2jSEuaEG_6Kitchz-jF_-qaBn3wKfx2dejzfTNRKR_xWtPvveNrqibUeV7t4AojE1kTj8veD8WyAWgQaHvwO3TeQY0J_4WapCozGeseZchc0637ADR-AUk1eW8Exgn3g1b-DbJbginaDoym38RWm54lV_s2zf6IzfZornU_iMGbRV1j0GyC4SNc-VQ-mZogdc5KVwPM2tuUOnFXTBYIC9oEqVj-my2tTkEHzQLyUPGL-K-4XewYtbDIUm0X177jj5tu0UWOCOuEkholeZPABPfKlujzA5IFBAgEGAGSBQQIBRgEoAZRgAe6vZuLA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKmmZtIICQiA4YBwEAEYH4AKAcgLAcITBhi6hcurKNgTCtAVAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=Rb2AlKsgKNg&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ck4O4cJvVYdHpHILJ_gSdgr6ABqXVnbEFjdzCup8Cpp6tjWsQByDHg_wBKAhguwbIAQGoAwHIAwKqBPEBT9DC7aYFgVvkiDawmuRwF_SHcvgcLnU5V3Rsry-VkAEIzyyAq67GooofIcBFoUQkmb-s6EPM4rX9kG91Mp3xq2-G2wab7iVwpsdNHPTyCQqJw0NCg8l6l8_E0BescIa7TKLAsGk46qF4fe43mRicAbZKdn7fF-LbF72FgdIwxfLLvOPWGzHnYe56YOTjNTcVKh6oQJ_zr-J1sirRfQNIzfPKEWITZgAFu-MxZXYQaGv4O3TfRpAJboNy43Q6cejGZ8hc0237RDR-gUk_eW8Exsn3g1b-DbJRginaDoym3cRWm54lV_s2zP6Iz-Ntc5eEvsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqaZm0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=pB2WLHBjznw&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBOc5cJvVYdHpHILJ_gSdgr6ABqXVnbEFjdzCup8Cpp6tjWsQCCDHg_wBKAhguwbIAQGoAwHIAwKqBPEBT9DC7akFgVvkiDawmuRwF_SHcvgcLnU5V3Rsry-VkAEIzyyAq67GooofIcBFoUQkmb-s6EPM4rX9kG91Mp3xq2-G2wab7iVwpsdNHPTyCQqJw0NCg8l6l8_E0BescIa7TKLAsGk46qF4fe43mRicAbZKdn7fF-LbF72FgdIwxfLLvOPWGzHnYe56YOTjNTcVKh6oQJ_zr-J1sirRfQNIzfPKEWITZgAFu-MxZXYQaGv4O3TfRpAJboNy43Q6cejGZ8hc0237RDR-gUk_eW8Exsn3g1b-DbJRginaDoym3cRWm54lV_s2zP6Iz-Ntc5eEvsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqaZm0ggJCIDhgHAQARgfgAoByAsB0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=4DtIsG1Cqy0&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1631035003&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388912156&bpp=7&bdt=568&idt=191&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=3472069565444&frm=20&pv=2&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063246&oid=2&pvsid=370256857010727&pem=645&tmod=997&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=gHtXyRvlCG&p=https%3A//www.bleepingcomputer.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 7DA9 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1845f5ca0b463e2c1e541342d0d1d4d40ad9d10ce62f19818393dec477b7757

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 16:25:34 GMT
content-encoding
gzip
age
507380
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
UGDHqIUs1H4yVn7pe5FJkWKVjOXx14fTiMGiyUte8NBM9_gKpw7uKA==
bl-0af0356-e68070b6.js
tagan.adlightning.com/freestar/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b694f4ca98e61d5ad862aa2019b9ece6aceca63651a049f47e9549013b6e39a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 19:09:13 GMT
content-encoding
gzip
age
65561
x-cache
Hit from cloudfront
content-length
19143
x-amz-meta-git_commit
0af0356
last-modified
Tue, 04 Jan 2022 18:53:33 GMT
server
AmazonS3
etag
"f32559453025fa80791a89a0f77ab2f9"
x-amz-version-id
Nk5RfbChTRFFt8yO7jMCw4Yj7.zrqDVJ
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
C-CeLK-Ub4nGt8e7fsJdQKHnsZ8RRgsP9mOiGnp6OqLSGXoy3AHzIg==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/webp
config
c.amazon-adsystem.com/cdn/prod/ 		662 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
a20ccaf6978bd71c43456b6bc78288abdc57c3b6fa987eecb2e9f59b69d384e1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 10:09:06 GMT
via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
server
Server
age
11567
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-C3
content-length
662
x-amz-cf-id
tvxxPtBrZTU8evNrbCCBJq-qdvqIk_m1lGRdH2PU313-8X-J17O7uQ==
bid
c.amazon-adsystem.com/e/dtb/ 		177 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&pid=UBUNJ8vugNGyq&cb=0&ws=1600x1200&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
cc2ac1dfbdee15497630e1e749b0728e483e10fdb02fcee0340caf414c7d4e3c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
7VZ7NRKTJJ6H4E77ENEG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
177
x-amz-cf-id
aQqeW9Kb1z5PFRmG-Crfl6hXhL64b8nZYY66AzbhSv4IdrKErSVuMA==
bid
c.amazon-adsystem.com/e/dtb/ 		177 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&pid=UBUNJ8vugNGyq&cb=1&ws=1600x1200&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e115127def093f5e6f699a79ef6042014cb9c52e868423208694ec37f313211b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
E31RXJGQ6HXP8FR5FBTA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
177
x-amz-cf-id
tcEyHapzNpSk9kfAnDShfFAlQcvcjgkQBGoUZqw4bhPqsn33Ql0JuA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 02:41:11 GMT
via
1.1 a5e3b467ea385e6efe6a1a3ce283b4c0.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
38443
x-cache
Hit from cloudfront
content-length
6482
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Zr1hXpj12fDTHgnW-0ZNSLL-NeaJ13MHBvejhck8QIVPe6iaCXmVnA==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FQ5wH3xHNTFmTWgva3VKMXlFK3dCajZreFpjVjQrZXNTeGhLYWliS1VEYjZaZ1JFT3FvS25WQzNKcGtOd1ZDaS92eUR3ZC9FalFtUWRXSWdTU0h5R3ViaW5udVJ3Wm80SGhpSkpoSTVGN1pWTDRLbXBsY1lPRmJHUVpTR1ZlZWlBNGxlalRJRzc4MzZLRmZMNWI4VUxLNE5yZXBUYXVTWmxFbkNlUHFrT0ZsaWVLK3NXYkI0Z0Ixd1RlNG1qdDlSWkVORXFGbWtoZXdYb3ZtK2kxejRMaVZYOXUra3JkSDlMS3B5K0ZlZ3hlUkFWbXpkNmtDOTM0Z3ZlK2xxT20ySTVsTFk1fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1271
date
Wed, 05 Jan 2022 13:21:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
integrator.js
adservice.google.com/adsid/ Frame 657E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:48:40 GMT
content-encoding
gzip
age
1993
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
udW7sch-nw4tAJXbLnU6RszMNqwoaYIIAsA5BE9pr2i0W6cTtfezpw==
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0920899300397823&plah=www.bleepingcomputer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54388
x-xss-protection
0
server
cafe
etag
7489837695308457557
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jan 2022 13:21:53 GMT
womptv2nm.js
cdn.krxd.net/controltag/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/womptv2nm.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 05 Jan 2022 13:21:53 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
471
x-cache
MISS, HIT, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3716
x-served-by
config-service-a006-ash-prod.krxd.net, cache-bwi5128-BWI, cache-iad-kjyo7100061-IAD, cache-atl18470-ATL
x-response-time
0
x-do-esi
esi
x-timer
S1641388914.922357,VS0,VE0
etag
"fa213313d0f749c73627133b4ab4942a6489b2c7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1, 42
logs
uat5-a.investingchannel.com/ 		0
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat5-a.investingchannel.com/logs?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by
Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/ic/audiencesegment/freestar.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.183.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-183-147.compute-1.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
Jetty(9.4.12.v20180830)
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
logs
uat5-a.investingchannel.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uat5-a.investingchannel.com/logs?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.183.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-183-147.compute-1.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:21:53 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server
Jetty(9.4.12.v20180830)
t
jadserve.postrelease.com/ 		288 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ntv_mvi
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-200-15.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
9a24302675a692f64e2b9cbc3e681276add63a455141559b69befca3972d54de

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
232
expires
Mon, 1 Jan 1990 12:00:00 GMT
c
c.pub.network/ 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
us
capi.connatix.com/core/ Frame 5089
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=KY1KKVGS-1-D52Q
  • https://ck.connatix.com/cks?pid=11&uid=KY1KKVGS-1-D52Q
  • https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=KY1KKVGS-1-D52Q&UserId=
0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=KY1KKVGS-1-D52Q&UserId=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
access-control-allow-credentials
true
server
Kestrel
Connection
keep-alive
Content-Length
0
content-type
application/json

Redirect headers

date
Wed, 05 Jan 2022 13:21:54 GMT
location
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=KY1KKVGS-1-D52Q&UserId=
access-control-max-age
86400
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
retry-after
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.249.203 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-249-203.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Wed, 05 Jan 2022 13:36:54 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
date
Wed, 05 Jan 2022 13:21:28 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10430
x-request-id
676204218
pixel
cm.g.doubleclick.net/ Frame 5089
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTc2YzUxN2E2YjhmYzVkZmZhNjg5M2FkZDVkMjcwMjE3Yzg1MzczYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTc2YzUxN2E2YjhmYzVkZmZhNjg5M2FkZDVkMjcwMjE3Yzg1MzczYw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTc2YzUxN2E2YjhmYzVkZmZhNjg5M2FkZDVkMjcwMjE3Yzg1MzczYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5089
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=050e61d5-9b71-4f00-a1bc-dfd497875439&expires=28
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=050e61d5-9b71-4f00-a1bc-dfd497875439&expires=28
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
Content-Type
image/gif

Redirect headers

Date
Wed, 05 Jan 2022 13:21:54 GMT
Server
MT3 4133 baa842e master iad-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=050e61d5-9b71-4f00-a1bc-dfd497875439&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:21:53 GMT
tap.php
pixel.rubiconproject.com/ Frame 5089
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG4yY2G6xBKfv0oxXLTFYQ0&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG4yY2G6xBKfv0oxXLTFYQ0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG4yY2G6xBKfv0oxXLTFYQ0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5089
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/RPtJtRvt6zO--IMeoARyyw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6402570270040152656
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6402570270040152656
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
Content-Type
image/gif

Redirect headers

date
Wed, 05 Jan 2022 13:21:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6402570270040152656
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 5089
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1a63fcc3-1a56-4f35-8bf5-da845493f467&gdpr=0&gdpr_consent=&expires=30
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1a63fcc3-1a56-4f35-8bf5-da845493f467&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1a63fcc3-1a56-4f35-8bf5-da845493f467&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame 5089
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxS0tWR1MtMS1ENTJR
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxS0tWR1MtMS1ENTJR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxS0tWR1MtMS1ENTJR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5089
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdWbcQADT-oI8wAm
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdWbcQADT-oI8wAm
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641388914.238648,VS0,VE0
x-served-by
cache-atl18459-ATL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdWbcQADT-oI8wAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 5089 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
iu3
s.amazon-adsystem.com/ Frame 7321
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&dcc=t
299 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9b84b14b202c50ebc46f9e384faf635855140859ffd36c5a923c5ffeef64cba1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Server
Server
Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
299
Connection
keep-alive
x-amz-rid
PT95Z4B7RS5PRW7ST0MP
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
ZH7RTDN94G1GQY70QZB9
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame CFD3 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 04 Jan 2022 18:47:16 GMT
expires
Tue, 18 Jan 2022 18:47:16 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
66878
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame DE11 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 04 Jan 2022 18:47:16 GMT
expires
Tue, 18 Jan 2022 18:47:16 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
66878
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/womptv2nm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
age
12643505
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1393504
content-length
84509
x-served-by
cache-atl18470-ATL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1641388914.349997,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
pixel;r=589850442;labels=keywords.Botnet%2Ckeywords.Brute%20Force%2Ckeywords.Malware%2Ckeywords.Ransomware%2Ckeywords.StealthWorker%2Ckeywords.Synology%2Ckeywords.Warning%2Ckeywords.Security%2Ckeyw...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=589850442;labels=keywords.Botnet%2Ckeywords.Brute%20Force%2Ckeywords.Malware%2Ckeywords.Ransomware%2Ckeywords.StealthWorker%2Ckeywords.Synology%2Ckeywords.Warning%2Ckeywords.Security%2Ckeywords.InfoSec%2Ckeywords.Computer%20Security%2Ctitle.Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware%2Ctitle.Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F;uht=2;fpan=1;fpa=P0-1915619956-1641388914399;pbc=a8ba9641-1c73-4b3d-9b45-203e79f1ab5b;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=bleepingcomputer.com;je=0;sr=1600x1200x24;dst=0;et=1641388914398;tzo=0;ogl=site_name.BleepingComputer%2Clocale.en_us%2Curl.https%3A%2F%2Fwww%252Ebleepingcomputer%252Ecom%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecti%2Ctype.article%2Ctitle.Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware%2Cdescription.Taiwan-based%20NAS%C2%A0maker%C2%A0Synology%C2%A0has%20warned%20customers%20that%20the%20StealthWorker%20botn%2Cimage.https%3A%2F%2Fwww%252Ebleepstatic%252Ecom%2Fcontent%2Fhl-images%2F2021%2F08%2F09%2FSynology__headpic%252Ejpg%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ebleepstatic%252Ecom%2Fcontent%2Fhl-images%2F2021%2F08%2F09%2FSynology__headpic%252Ejpg%2Cimage%3Awidth.1600%2Cimage%3Aheight.900
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:44af:4f54:8af4:5563 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
882.json
id5-sync.com/g/v2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p18.id5-sync.com
Software
/
Resource Hash
da407df3b1ea65d97c950196fa297df872f34afc11935f373f2b22232f159cd3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Jan 2022 13:21:54 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=370256857010727&correlator=78541288726666&output=ldjh&impl=fifs&eid=31063246&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220105&iu_parts=15184186%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dcontrol%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_970x90_728x90_320x50_sticky%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dpubmatic_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.47%26hb_adid%3D168a24e7c65da715%26hb_bidder%3Dpubmatic&eri=1&cust_params=user-agent%3DChrome%26section%3Dnews&cookie=ID%3D943cf567a505fdc5-2209ca4a07cf0039%3AT%3D1641388912%3ART%3D1641388912%3AS%3DALNI_MbTMUNVG6tnRiii9mOQaPA2NO1Tzw&bc=31&abxe=1&lmt=1631035003&dt=1641388914551&dlt=1641388911588&idt=1334&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=3056404191&ucis=1&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
5e7fcc26391c6ab9fcf0046be1361f97048c35f6f17bcfea7b2deaa4702bfdf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8438
x-xss-protection
0
google-lineitem-id
5355615764
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138309466275
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 696A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 05 Jan 2022 13:21:54 GMT
expires
Thu, 05 Jan 2023 13:21:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
pubads.g.doubleclick.net/gampad/ Frame E4A5 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_18&description_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2888302465712256&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3102474806&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=E4D6D6A9-1337-4780-A2C6-CD878C04817B&nel=1&eid=44750604&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&loc=about%3Ablank&dlt=1641388911787&idt=2510&dt=1641388914565&cookie=ID%3D943cf567a505fdc5-2209ca4a07cf0039%3AT%3D1641388912%3ART%3D1641388912%3AS%3DALNI_MbTMUNVG6tnRiii9mOQaPA2NO1Tzw&scor=503925977794478&ged=ve4_td3_tt1_pd3_la3000_er1626.479.1785.785_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
prebid.media.net/rtb/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7f2868bb12a08d48bd982378095b09b19c428d5db5ae7d4a139f8f5d35d0d1a7

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
auction
c.deployads.com/openrtb2/ 		463 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_4.42.1&host=www.bleepingcomputer.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
1b40bb42789b0b2148d44347c2f585a4cafde845e5867297c985f2b6b0ca5269

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
463
expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		47 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
005127d9b56e42629d58cb02a416252aae2de5b52166d879855b38bec05a7f43
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
72bfd588-7d50-4dad-a836-2e983df82158
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
cygnus
htlb.casalemedia.com/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=393562&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2274ce9ac8b9667ef%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2275a9beb1c356323%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227667410a00ca818%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2277673ccd538623e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2278793a92f28eab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2279dab2e98969726%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22800d81b95c1327a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228165e77565a89c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2282bf9f8faff2ef7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22833982e9c7f4fc3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228461bcebcf439d4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2285461c803c455c6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.175.77 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-175-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9684d04690cd4dfbd10ffa59b52354c23b9261efd2bbfa13ee96d8f695500529

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
x-ak-initial-geo
CC:[US], RC:[GA], CN:[NA], CIP:[92.119.19.73], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
x-cs-client-geo
23
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
18208
x-ak-client-geo
23
expires
Wed, 05 Jan 2022 13:21:54 GMT
translator
hbopenbid.pubmatic.com/ 		169 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
211a946bc5687eb9ca1d7f3888ab17354c00ec3504855408ca08b28592e4ebce

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:21:53 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0db7b303f166ccaef7eb0f22146ae6502dd1d892561edf237dac64ac9e77f4dd

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194700601d06e7&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fa50403d97a58d82a2f93265e14d08fac34efc1729e339e71e91043a16b18bec

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
dcad926af3fa4bfc63ead68ddceebddc41491310b4168dc6e89b1ec1065feea9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
de1e3295c73e9e709cb79c3a89647a6f16a24d798f3ba9ed040c8a98a4e8d5aa

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707caca0954&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
017ed52b710e79777e00b532b51b4967657b8bef7a7ccad66045dd4253470a62

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969412017474441319470061cb06e8&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
864f0ce9d65968828761c9ae0da708eb0596ed496012242a1fd3ac3af0c37553

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707caca0954&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c7d5a8fe27242d6b7391910d6bdfc3cfee9687ad6b1a97b72d7f5a091556e70c

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969412017474441319470061cb06e8&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1df30087a6176d0bc5da931e2da135a26ace26117d72b24c5e354f978f6f34ca

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7e18d5c218f0251067e8384fa66b88bba8e2d9d375b101ec284bc4d72c550445

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194700601d06e7&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
763c2ecb7f2465ff810839237d1082b7fd8d6404f71e66bda24e57a5fc8deaf4

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7b693d8da29562f334ba025368dc2be7eb4dd9fe1af6e84c78be80f69a2efd36

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
prebid
ads.yieldmo.com/exchange/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.42.1&p=%5B%7B%22placement_id%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22callback_id%22%3A%22111b7a06d299cabf%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22callback_id%22%3A%2211298d5ca023d65d%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22callback_id%22%3A%22113b6ee83333667%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22callback_id%22%3A%221148bd88f4bc7a29%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22callback_id%22%3A%22115ef8c91a57506c%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%5D&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&bust=1641388914586&pr=&scrd=1&dnt=false&description=Taiwan-based%20NAS%C2%A0maker%C2%A0Synology%C2%A0has%20warned%20customers%20that%20the%20StealthWorker%20botnet%20is%20targeting%20their%20network-attached%20storage%20devices%20in%20ongoing%C2%A0brute-force%20attacks.&title=Synology%20warns%20of%20malware%20infecting%20NAS%20devices%20with%20ransomware&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=a8ba9641-1c73-4b3d-9b45-203e79f1ab5b&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.253.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-253-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
dmx.districtm.io/b/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c8d032c4b93eaeb-ATL
access-control-allow-headers
origin, content-type
auction
tlx.3lift.com/header/ 		19 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.42.1&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.33.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-33-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		588 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
36a7bb0524ef237d4f15edda3dadbef361f0fa800e46fb88c35bea2cedf5a9d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
40654b2e-d41e-48a1-ade0-98676f074e66
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
freestar-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d0d4c752-5db8-4295-b099-192c9972e29a%2C9ad0cb23-9277-4ef8-913b-c3a01ba8cf2d%2C8f2f4ab6-c3b4-4881-9c6d-285b86676a62%2C61559ac4-ab63-44a0-b9ad-e8d230c14fd4%2C16ea0cf6-738c-4e62-85d5-457d81c22148&nocache=1641388914590&pubcid=a8ba9641-1c73-4b3d-9b45-203e79f1ab5b&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%2C970x90%2C970x250&divids=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&aucs=%252F15184186%252Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%252Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2C%252F15184186%252Fbleepingcomputer_728x90_320x50_InContent_1%252Fbleepingcomputer_728x90_320x50_InContent_1%2C%252F15184186%252Fbleepingcomputer_300x250_300x600_160x600_Right_2%252Fbleepingcomputer_300x250_300x600_160x600_Right_2%2C%252F15184186%252Fbleepingcomputer_300x250_300x600_160x600_Right_3%252Fbleepingcomputer_300x250_300x600_160x600_Right_3%2C%252F15184186%252Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%252Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&auid=540959250%2C540959250%2C540959250%2C540959250%2C540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
8d36539e976c1ee09265c23da9144e2f6298c133d187a46782c2fe156f6daca4

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1200&ts=1641388914591&src=pbjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.139.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-139-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:21:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2%3B2%3B15%3B15%3B2&alt_size_ids=55%2C57%3B%3B10%3B10%3B55%2C57&rp_schain=1.0,1!freestar.com,412,1,,,&eid_pubcid.org=a8ba9641-1c73-4b3d-9b45-203e79f1ab5b%5E1&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-9%2CIAB19-10&tg_i.sectioncat=IAB19-9%2CIAB19-10&tg_i.pagecat=IAB19-9%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tg_i.fs_ad_product=banner&tg_i.dfp_ad_unit_code=15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%3B15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%3B15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%3B15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%3B15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&tg_i.pbadslot=15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%3B15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1%3B15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%3B15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%3B15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&tk_flint=pbjs_lite_v4.42.1&x_source.tid=d0d4c752-5db8-4295-b099-192c9972e29a%3B9ad0cb23-9277-4ef8-913b-c3a01ba8cf2d%3B8f2f4ab6-c3b4-4881-9c6d-285b86676a62%3B61559ac4-ab63-44a0-b9ad-e8d230c14fd4%3B16ea0cf6-738c-4e62-85d5-457d81c22148&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=5&rand=0.3504258645898497
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a8aaaf4196d188a3bbcb0c2218ab5935b2309d2a07aa7ff3c7721bd1cceed69f

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
500
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:55 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.59.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-59-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Wed, 05 Jan 2022 13:21:54 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
css2
fonts.googleapis.com/ Frame CFD3 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 12:16:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 05 Jan 2022 13:21:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jan 2022 13:21:54 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CFD3 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:40:56 GMT
x-content-type-options
nosniff
age
139258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 03 Jan 2023 22:40:56 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CFD3 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 00:11:42 GMT
x-content-type-options
nosniff
age
306612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 Jan 2023 00:11:42 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame CFD3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 12:49:47 GMT
de974e0de653beaf8b7a147538108e14.js
www.gstatic.com/mysidia/ Frame DE11 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de974e0de653beaf8b7a147538108e14.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3353
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Apr 2022 06:18:47 GMT
ef71563f30928051bf5f5d97e506b840.js
www.gstatic.com/mysidia/ Frame DE11 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef71563f30928051bf5f5d97e506b840.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63cb35133865eac473826f95c6a9d64ff1fa3da71403ea4f1981e5de9bcd69bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3802
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Apr 2022 06:18:47 GMT
css
fonts.googleapis.com/ Frame DE11 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 12:10:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 05 Jan 2022 13:21:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jan 2022 13:21:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DE11 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:13:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame DE11 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:16:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:16:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DE11 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:20:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE11 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DE11 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:13:40 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame DE11 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Apr 2022 06:18:47 GMT
pr
s.amazon-adsystem.com/v3/ Frame E337 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
446c42a6e68e04783baced6f8ba9c0bfdbb839f376675ac692ae411f774c61bd
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2204
Connection
keep-alive
x-amz-rid
30KHMVJ812RQPF6XEJF7
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 43F2 		805 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Wed, 05 Jan 2022 13:21:54 GMT
via
1.1 varnish
age
12643213
x-served-by
cache-atl18470-ATL
x-cache
HIT
x-cache-hits
288055
x-timer
S1641388915.662038,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
adview
googleads.g.doubleclick.net/pagead/ Frame DE11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COxTXcJvVYY3rHYfo_gSNg5WoCv35vZ1mpJ-bkqMPivz8ytkNEAEgx4P8AWC7BqABhc7twgLIAQGpAkOHDIBl00w-qAMByAPLBKoEtAJP0AQu8D6wGtemQaBhtbh1QqUcVB_fPQIgkr9z-yIVMGJugjk6Ugde1-0tDXiWuDWXSatv7FBbiq_1LSvFb-3IPRkqgosXhNMH-K7FAieHsTYH9ClUVb5u7An2YruoTZ_vTG0d7XlDPqQ5cRo4FZ5_cupUerxySs277XtuToZwnky3Rzfz838LpbqOPqI0qMgieC3htBsR7KwwmuoBtG5u2ZxycTC0FrrssnePJqwasG9BYTPjgye_P_JIHN3uSZUj_j31rKKeRvclDgQ9g0o-8KFlK8SlQ3FzK1xyFIqzDBLV5UF54aw2-w2nf6yWL-VtoTFUFhFB5hqcdcQ_DuSgTPE3uYZqe6l655notmBs1WApL3yI9aiLCmXh0YgFYvnsiNrqZIuHuE5l5DNdZs9LJC_9lsAE4vDqyeMCkgUECAQYAZIFBAgFGASAB-Oxkr0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQ6fOGAdIICQiA4YBwEAEYH4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=GJ0C1aIgN5A&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 05 Jan 2022 13:21:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
9427dd0d-835c-471c-a5db-ab01ae8a681c
consumer.krxd.net/consent/get/ 		249 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a001-ash-prod.krxd.net, cache-atl18425-ATL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1641388915.806793,VS0,VE17
content-length
199
x-cache-hits
0, 0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9D8B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 05 Jan 2022 13:06:46 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ecm3
s.amazon-adsystem.com/ Frame E337
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=1D5525D15A044016B14FBC531747C717&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1D5525D15A044016B14FBC531747C717&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BTAQ1Z704K9DS920ADCD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 05 Jan 2022 13:21:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=1D5525D15A044016B14FBC531747C717&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 04 Jan 2022 13:21:54 GMT
truncated
/ Frame DE11 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c6ac5199973b70b918419307834cb45920715afea7fc0a1f554a056b64cc989

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
usermatch
ssum-sec.casalemedia.com/ Frame 2FC3 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c195f2d699da962360691c21897f7cae0d07b516a19646287e2e1833452c011

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|230|241|131|8|130|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1723
Expires
Wed, 05 Jan 2022 13:21:54 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:54 GMT
Connection
keep-alive
/
match.sharethrough.com/jwumXNuB/v1/ Frame 9509 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.17.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-17-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2b37a02e98c3615c3042af99b2c87b8fce301d25e2de27aeb0d610dadc277b05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AB78 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=108636
expires
Thu, 06 Jan 2022 19:32:30 GMT
date
Wed, 05 Jan 2022 13:21:54 GMT
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 7BA1 		886 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.188.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-188-249.compute-1.amazonaws.com
Software
/
Resource Hash
72f3f3cd7e9f5172238905bf829e33642b6a05e626a1bdada820fd831fa77250

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
usync.html
eus.rubiconproject.com/ Frame 81F1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Jan 2022 13:21:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 6772
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMODEfwsb9sgrJwCS0bbUl3uFFeujQMonvHWcZilA
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMODEfwsb9sgrJwCS0bbUl3uFFeujQMonvHWcZilA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Wed, 05 Jan 2022 13:21:55 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
098WQ0ANPWA53TSY14PF
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

P3P
CP="CAO PSA OUR"
Location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMODEfwsb9sgrJwCS0bbUl3uFFeujQMonvHWcZilA
Transfer-Encoding
chunked
Date
Wed, 05 Jan 2022 13:21:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
ecm3
s.amazon-adsystem.com/ Frame C15C
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=2f45e45599bd1224&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcecZSxvCFAN-AXXOAAAAAAA&expiration=1641475314&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcecZSxvCFAN-AXXOAAAAAAA&expiration=1641475314&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
W4PDKXPF2EBP71XQ7DGV
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

server
nginx
date
Wed, 05 Jan 2022 13:21:54 GMT
content-length
0
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcecZSxvCFAN-AXXOAAAAAAA&expiration=1641475314&is_secure=true
amazon
ap.lijit.com/beacon/ Frame 3C97
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
34693650fa1c075ee49d1d196c375dc30a453567a343dc08ee75b67ec7ebaa75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
nginx
Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap5ewr1

Redirect headers

Server
nginx
Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ewr1
ecm3
s.amazon-adsystem.com/ Frame 7106
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=12724134863166359534
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=12724134863166359534
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_n-inmobi_cnv_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Wed, 05 Jan 2022 13:21:55 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
NEDWYQPMMSYE2RTVDYVA
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Wed, 05 Jan 2022 13:21:54 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=12724134863166359534
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
womptv2nm.js
cdn.krxd.net/controltag/ Frame 43F2 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/womptv2nm.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 05 Jan 2022 13:21:54 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
472
x-cache
MISS, HIT, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3716
x-served-by
config-service-a006-ash-prod.krxd.net, cache-bwi5128-BWI, cache-iad-kjyo7100061-IAD, cache-atl18470-ATL
x-response-time
0
x-do-esi
esi
x-timer
S1641388915.793232,VS0,VE0
etag
"fa213313d0f749c73627133b4ab4942a6489b2c7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1, 43
media
direct.ad.cpe.dotomi.com/cvx/client/direct/ Frame 657E 		68 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/cvx/client/direct/media?sid=210064&placement_id=6b95896&vpaid=2&m=11&mdf=mp4&vastver=2
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:ae80:1451:17::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
server
nginx
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
css
fonts.googleapis.com/ Frame 451C 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 12:14:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 05 Jan 2022 13:21:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jan 2022 13:21:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 451C 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:13:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 451C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:16:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:16:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 451C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:20:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 451C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 451C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:13:40 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 451C 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 05 Apr 2022 06:18:47 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 43F2 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/womptv2nm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 05 Jan 2022 13:21:54 GMT
content-encoding
gzip
age
12643505
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1393506
content-length
84509
x-served-by
cache-atl18470-ATL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1641388915.892571,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
usync.js
eus.rubiconproject.com/ Frame 81F1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d5de6a492eec0c85725a0fb6a14dfb084d255c5915b03df9360f91d7630f3c1e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81255
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 06 Jan 2022 11:56:09 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9D8B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 05 Jan 2022 13:21:55 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 05 Jan 2022 13:21:54 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame B949 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:06 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4A25 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 05 Jan 2022 13:06:46 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ecm3
s.amazon-adsystem.com/ Frame 81F1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KY1KKVGS-1-D52Q
  • https://s.amazon-adsystem.com/ecm3?id=KY1KKVGS-1-D52Q&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KY1KKVGS-1-D52Q&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YESWETNJ55YS411MRAG6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KY1KKVGS-1-D52Q&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 7BA1 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g97548582c762dbe953e
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RMH7JRS1GR6FHB7MHAHZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame 7BA1
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6285311477415990070&pn_id=an
0
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6285311477415990070&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ad0904ff-f235-40cb-933c-f55472b96ca1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:54 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
9f8903c1-49d4-4609-86bf-34ec5b1a02ed
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=6285311477415990070&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 7BA1
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://t.pswec.com/bsw_sync?ssp=yieldmo&bsw_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=yieldmo&bsw_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=23608d05-c93e-4d54-8fa4-f180999fb4d6&expires=3&user_group=1&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.209.253.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-253-24.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Wed, 05 Jan 2022 13:21:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame 7BA1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=1a63fcc3-1a56-4f35-8bf5-da845493f467
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.209.253.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-253-24.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=1a63fcc3-1a56-4f35-8bf5-da845493f467
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame 7BA1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=tzhAVoWfRqRKm_zjxtAwa1x3E0k
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=tzhAVoWfRqRKm_zjxtAwa1x3E0k
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.209.253.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-253-24.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=tzhAVoWfRqRKm_zjxtAwa1x3E0k
Date
Wed, 05 Jan 2022 13:21:54 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame 7BA1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=71tFyAgxDfjK&ev=1&pn_id=pp&pid=561118
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=71tFyAgxDfjK&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.0.188.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-188-249.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync-pp.ads.yieldmo.com/sync?userid=71tFyAgxDfjK&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-685df6f7b9-7vnms
expires
-1
9427dd0d-835c-471c-a5db-ab01ae8a681c
consumer.krxd.net/consent/get/ Frame 43F2 		234 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60c7d97854bbcb0fc0fe30b925b982094a88e305bafa954e2afac152634b96ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a018-ash-prod.krxd.net, cache-atl18425-ATL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1641388915.039640,VS0,VE26
content-length
191
x-cache-hits
0, 0
crum
dsum-sec.casalemedia.com/ Frame 2FC3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdWbcBgovym-M.HPZmH3eQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2FC3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&expiration=1643980915&gdpr=0&gdpr_consent=
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&expiration=1643980915&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&expiration=1643980915&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 2FC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2FC3 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZYTEYMAYZZYKGHKRTN8K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2FC3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662315408922977
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662315408922977
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
6451
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c8d032f483363c3-ATL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662315408922977
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2FC3
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f2c757f6-80f6-43cb-b909-add5e66ce6ea&expiration=1672924915
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f2c757f6-80f6-43cb-b909-add5e66ce6ea&expiration=1672924915
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:55 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=f2c757f6-80f6-43cb-b909-add5e66ce6ea&expiration=1672924915
date
Wed, 05 Jan 2022 13:21:55 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 2FC3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFt-E7DqzcAABFrhrnOiw&expiration=1642598515
43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFt-E7DqzcAABFrhrnOiw&expiration=1642598515
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:55 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFt-E7DqzcAABFrhrnOiw&expiration=1642598515
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum.casalemedia.com/ Frame 2FC3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475315
43 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475315
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475315
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 2FC3 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BZ1M7Y7X2D4Q694FZ3S1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3C97 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=d090700eca65dcfca356b80d&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NG3NG7TQK8NNEYN46WJV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 3C97
Redirect Chain
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=90&3pid=c24e3fc4-b6b3-4ed0-88ad-28248dda0577&gdpr=0&gdpr_consent=
43 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=90&3pid=c24e3fc4-b6b3-4ed0-88ad-28248dda0577&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
server
nginx/1.12.1
location
https://ce.lijit.com/merge?pid=90&3pid=c24e3fc4-b6b3-4ed0-88ad-28248dda0577&gdpr=0&gdpr_consent=
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
merge
ce.lijit.com/ Frame 3C97
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=KY1KKVGS-1-D52Q&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=KY1KKVGS-1-D52Q&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:56 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=KY1KKVGS-1-D52Q&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
merge
ce.lijit.com/ Frame 3C97
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAFt-E7DqzcAABFrhrnOiw&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAFt-E7DqzcAABFrhrnOiw&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAFt-E7DqzcAABFrhrnOiw&gdpr=0
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame 3C97
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=d090700eca65dcfca356b80d&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=637414288351
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=637414288351
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://ce.lijit.com/merge?pid=66&3pid=637414288351
merge
ce.lijit.com/ Frame 3C97
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=d090700eca65dcfca356b80d&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=YdWbc2m6PAIk021fqRq0gBoa
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=YdWbc2m6PAIk021fqRq0gBoa
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Wed, 5 Jan 2022 13:21:55 GMT
server
Aorta/20211209.13ade2b
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=YdWbc2m6PAIk021fqRq0gBoa
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-18-249.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
8.gif
id5-sync.com/i/882/ 		79 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/882/8.gif?id5id=ID5*JoOgUENp5ngWNBLjLMcnBsiHtSQF7Yq0Zr58-u5Y8LMD4ji-vYrk5IlE4_ycWTvMA-NdKuCmzfcCiMkc3DcVxwPk-Q9N7XjyaA0nQ2nXX2QD5bRc1_2ph3JwYTnbSpjwA-Zg0WMzqvkzcFT0ZTYZCgPnOqg5z8z2gcdbuelPUiYD6DU7qn-qiFy8VCJoKZSgA-nBSzAE8lAoZ4vEjbDv7APqnhwLDvzUihdHNaU9CLED67QEY3YLOS6XiThf8c4GA-ydpQcx3MMmm2D53IE1GgPtlE_4ZrCWuXNp2-AzRfAD7tESVkF7pfit7KFWPWnlA-94DT0lhMp_syEfY3SVwgPwgWjVTqrWwRYuYKUuZGwD8QvbOa_p8URnJoZEsEpDA_JLpmBmwutai8J0S2vldgPzZVYHbTRc3cZoXFsESsAD9PiQWt5Vu4nbpbMfVlGnA_WTCGezumV2aqfArJR7fwP2eHeTh_ato9J-nHt-VycD94gCzmD_cyia_rSGFyl_A_i5Vv5f2Bnnes0RQnLc3w&o=api&gdpr_consent=undefined&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p18.id5-sync.com
Software
/
Resource Hash
06ecc1573d3bd555fe29b67a1f5f9a4f560413c5d3a979eb7ad1960866ddbad8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Date
Wed, 05 Jan 2022 13:21:54 GMT
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
bl-0af0356-e68070b6.js
tagan.adlightning.com/freestar/ Frame E06F 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b694f4ca98e61d5ad862aa2019b9ece6aceca63651a049f47e9549013b6e39a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 19:09:13 GMT
content-encoding
gzip
age
65563
x-cache
Hit from cloudfront
content-length
19143
x-amz-meta-git_commit
0af0356
last-modified
Tue, 04 Jan 2022 18:53:33 GMT
server
AmazonS3
etag
"f32559453025fa80791a89a0f77ab2f9"
x-amz-version-id
Nk5RfbChTRFFt8yO7jMCw4Yj7.zrqDVJ
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
g-EZU1F2z6tIw9a957vJ8v9_7NvFVVHjLwamdKCjGQ8RURzKTRcbNg==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame E06F 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 16:25:34 GMT
content-encoding
gzip
age
507382
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
sttJlydEP9fmKEzL858nSdG1IGVCG57_iJJgLvr8MG03XyUM8XZj4g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E06F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:55 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		159 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=370256857010727&correlator=78541288726666&output=ldjh&impl=fifs&eid=31063246&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220105&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x90%7C970x250%2C1x1&ists=1&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D982860%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dpubmatic_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.47%26hb_adid%3D172f1483888fe062%26hb_bidder%3Dpubmatic%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D982860%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_320x50_InContent_1%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dpubmatic_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.47%26hb_adid%3D17587f7bac728e59%26hb_bidder%3Dpubmatic%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dcc2c74%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_2%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dpubmatic_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.47%26hb_adid%3D176d0bfba1e074a1%26hb_bidder%3Dpubmatic%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D3a6370%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_3%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dpubmatic_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.47%26hb_adid%3D178368282eb8b01f%26hb_bidder%3Dpubmatic%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D982860%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_BTF%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dpubmatic_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.47%26hb_adid%3D1801161502a419f8%26hb_bidder%3Dpubmatic%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3De6c4f6%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_1x1%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&eri=1&cust_params=user-agent%3DChrome%26section%3Dnews&cookie=ID%3D943cf567a505fdc5%3AT%3D1641388912%3AS%3DALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg&bc=31&abxe=1&lmt=1631035003&dt=1641388915272&dlt=1641388911588&idt=1334&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C268%2C1082%2C1082%2C436%2C800&adys=271%2C4346%2C1730%2C2481%2C5858%2C6414&adks=960084856%2C4047242158%2C2389526111%2C523518761%2C976516616%2C2635258439&ucis=2%7C3%7C4%7C5%7C6%7C7&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x280%7C834x90%7C306x600%7C306x600%7C1200x250%7C1600x6592&msz=1170x250%7C834x90%7C306x600%7C306x600%7C1170x250%7C1600x0&psts=AGkb-H_rWHUWwW32Xok9D-91GmsKZvvNhJO8JXOYMNrB4LZV9RQS9-zeGXVTHzUj1vkZe53NVzTO1pz34kWB&ga_vid=951479884.1641388912&ga_sid=1641388912&ga_hid=725107795&ga_fc=true&fws=4%2C4%2C4%2C516%2C4%2C4&ohw=1170%2C834%2C306%2C306%2C1170%2C1600&btvi=0%7C1%7C2%7C3%7C4%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
9accf506ec4cfa8a192410698197b965671f7c2374caaabc40fbc1d26cd44519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34130
x-xss-protection
0
google-lineitem-id
-1,-1,5334928036,-1,5334928036,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138307546606,-1,138307546369,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2753 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156592&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=156592&s=&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3Dea5e916b51b048cabf316983e9db96c7%26DemandPartnerName%3DPubmatic%26DemandPartnerUserId%3D&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 9509 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NQ1A00NQ32KS3T8CT5M0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 9509
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KY1KKVGS-1-D52Q
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KY1KKVGS-1-D52Q
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.65.17.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-17-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=KY1KKVGS-1-D52Q
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
v1
match.sharethrough.com/sync/ Frame 9509
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.65.17.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-17-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 9509
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://b1sync.zemanta.com/usersync/sharethrough/
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTE...
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=ZVMZFIx65tcLnTTmmiuI
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=ZVMZFIx65tcLnTTmmiuI
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.65.17.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-17-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:56 GMT
P3p
CP="We do not support P3P header."
Location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=ZVMZFIx65tcLnTTmmiuI
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
136
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 9509
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=e2cc5e3c-01ae-443c-8ffc-52cb1752ec72
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=e2cc5e3c-01ae-443c-8ffc-52cb1752ec72
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.65.17.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-17-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-length
68
content-type
image/png

Redirect headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=e2cc5e3c-01ae-443c-8ffc-52cb1752ec72
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
246
Expires
-1
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4A25
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 05 Jan 2022 13:21:55 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 05 Jan 2022 13:21:55 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usermatch.gif
beacon.krxd.net/ Frame 43F2
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2xWXzE2eGM
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEQBi99K647vXg-UtqlROe0&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEQBi99K647vXg-UtqlROe0&google_cver=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1641388915
x-served-by
beacon-n014-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEQBi99K647vXg-UtqlROe0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 43F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2xWXzE2eGM
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEQBi99K647vXg-UtqlROe0&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEQBi99K647vXg-UtqlROe0&google_cver=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1641388915
x-served-by
beacon-n035-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEQBi99K647vXg-UtqlROe0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 43F2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OlV_16xc&gdpr=0
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=1a63fcc3-1a56-4f35-8bf5-da845493f467
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=50 t=1641388915
x-served-by
beacon-n001-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=1a63fcc3-1a56-4f35-8bf5-da845493f467
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
379708.gif
idsync.rlcdn.com/ Frame 43F2 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OlV_16xc
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 43F2
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OlV_16xc&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOlV_16xc%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OlV_16xc&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OlV_16xc&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1641388915
x-served-by
beacon-n003-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OlV_16xc&partner=bluekai&bk_uuid=$_BK_UUID
Date
Wed, 05 Jan 2022 13:21:55 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame 43F2 		64 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OlV_16xc&rn=1641388915
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-24.ewr50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 f1742871ff3f5482a0c79a4d483d78a9.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
LhQwRvce2jcOF8Mbltb3R9ATUYA2IPPJy_vufwlWtSvfprqZ3zNSbg==
/
ps.eyeota.net/match/bounce/ Frame 43F2
Redirect Chain
  • https://ps.eyeota.net/match?bid=i0r4o4v&uid=OlV_16xc
  • https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=OlV_16xc
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=OlV_16xc
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:55 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=i0r4o4v&uid=OlV_16xc
Date
Wed, 05 Jan 2022 13:21:55 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame 43F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=6285311477415990070
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=6285311477415990070
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1641388915
x-served-by
beacon-n007-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
2cf75ce9-3636-445f-8be1-80a92f3cefa4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=6285311477415990070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
image.sbxx
ib.mookie1.com/ Frame 43F2
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=OlV_16xc
  • https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=OlV_16xc
120 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=OlV_16xc
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
HTTP/1.1
Server
64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
be31-199.crrt01.las04.flexential.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS03
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Wed, 05 Jan 2022 13:21:55 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=247532&pid=314&xid=OlV_16xc
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS12
Content-Type
text/html; charset=utf-8
Content-Length
193
usermatch.gif
beacon.krxd.net/ Frame 43F2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID
  • https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=54621527-E2AF-48B3-9A20-16DF7E99F819
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=54621527-E2AF-48B3-9A20-16DF7E99F819
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
cache-control
private, no-cache, no-store
x-request-time
D=69 t=1641388915
x-served-by
beacon-n022-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=54621527-E2AF-48B3-9A20-16DF7E99F819
date
Wed, 05 Jan 2022 13:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
398696.gif
idsync.rlcdn.com/ Frame 43F2
Redirect Chain
  • https://fei.pro-market.net/engine?mimetype=img&du=88&csync=OlV_16xc
  • https://idsync.rlcdn.com/398696.gif?partner_uid=9009067423290509105
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398696.gif?partner_uid=9009067423290509105
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp3.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://idsync.rlcdn.com/398696.gif?partner_uid=9009067423290509105
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame 952D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:06 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
via
1.1 google
alt-svc
clear
view
securepubads.g.doubleclick.net/pcs/ Frame E06F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2ZDA_EUk7ZYYreKUjCre91FXxBlbRUqTC9UPqBHV51dVrYv6l0_Ymw842k93Vjo8Gy2GhlSmDjm8NPyCV5iYpEAdgMtfWSsEhdZCa9O78_TcypbM6uDvS8mII4MwHojT7nwyGQpjg-cFhTgY9yHKCofzE3PtSbRquYMHiYCCKTaOdjnSehZeJoiA8jHO6G9CB5HyBX25Zuf_OJTaDLUY0Vf_u2U5f6P98zbBwbneexxj-Dg2NJTRjnaXmtTqOkNeTW4X0sJu1Bx6nPNFwtyRbaFw_WG9LsvJG9WkfI3uskJrt_CTN5QhZi14-Z8t5pLLxb_3gGhtXTHE2muzykpwpJxeZ53zVjjGv6CALDIcKaCH_&sig=Cg0ArKJSzJahDCKjbOlaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb04f17cbb19351ff7460524e005ddbb927ea427730ce0de1bb56e778782eaa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c8d03333b0e8d79-ATL
date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 06:41:55 GMT
server
cloudflare
age
9592
etag
W/"d36-5d4d00cb9988a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Wed, 05 Jan 2022 11:42:03 GMT
truncated
/ Frame E06F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
208b7aabe6e7364400912be1f1d5605f303c7b8e133e8799e5c218f3059dcae8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E06F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvICUmMkSQdzuUF_Yv25l8RvRtEFGJJDb5g9Hz2-EW16BKBtP7TdgTVZ34HC60-efS4lLt8Cqs2-qvAzzM-sBXILS4tt6Ii2L85OlMPc2UhdugJO57tY0Oq9i_VlqQL5QSpjB2OosU7EcMl2o4iZwi9lcG6FrLzOtD1hbPjsCOVSY3dBw96Ce62k1jbq1FstVD8SgJSGqzHsMeXju2mY7VCkfAPgFVXgvN-px0daqemScJpY97BKzdpVkNGXIAqEP4yeWlIGrdlU5cdAgVDqUoKiBHGVO503BNcpogYSDKzCEqOKyqvPRzgG2ZsS8lBXuXkGD_HScx53ulC6UsNLellb97kN0PTYv6CbkH-5EMvrkwbDR4&sig=Cg0ArKJSzP7slzpLtSBrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 Jan 2022 13:21:55 GMT
demand-source
d.pub.network/ 		59 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
0b03c4e89b248daeb0c2ed482fb6c31e6c2863e9dc0eb650b65a38b7367e9513

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
integrator.js
adservice.google.com/adsid/ Frame 657E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame EE17 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_10&description_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1565038358327911&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=513632403&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=1AF3BFB2-626A-496C-BEFC-9D375E0DFE86&nel=1&eid=21064201%2C44737473%2C44750604&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&loc=about%3Ablank&dlt=1641388911787&idt=2605&dt=1641388915809&cookie=ID%3D943cf567a505fdc5%3AT%3D1641388912%3AS%3DALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg&scor=3400145839071722&ged=ve4_td4_tt2_pd4_la4000_er1621.479.1780.785_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ice.js
resources.infolinks.com/js/1771.005-3.025/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1771.005-3.025/ice.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92a892e22e10dd05e4beb9ab83b029569d4cecf8315d1cbcccb28e01b2e19fcd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c8d0333fc548d79-ATL
date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 29 Dec 2021 10:27:21 GMT
server
cloudflare
age
10120
etag
W/"2c41c-5d4466212bbc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 04 Feb 2022 10:33:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DE11 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8TipatVNmX9ipQR_O9-ypa-KqFinRRsN-EDe3JL1LhELY8wmdDyjKmiq_4o9ETu_hGDIk_8iDb4SDiCxLXx2gLFKTj-cmrCXp6LREjsTXDBZOo5eIcA&sai=AMfl-YSeP0ccpg-Zu0nZ1Bx7EYGW3iEOzpcx9uhdXjbpqns6lWPvoxWTNEFcGwV81micb1XlJ3VgqO_wBo2t&sig=Cg0ArKJSzGpfP-rhRCcSEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=192,1001,1001,1001,1001&tos=192,809,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641388914324&rpt=574&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
manage
router.infolinks.com/usync/ Frame 3669 		250 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1771.005-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
447801b0959c68d0e7a289a4cfa5ff65fc776be35cb292a43ce170ab08fdf10d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
content-type
text/html;charset=UTF-8
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8d0334ddd18d79-ATL
lcmanage
router.infolinks.com/usync/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
gsd
router.infolinks.com/ 		326 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3248511&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&jsv=1771.005-3.025&_cb=16413889159620
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7991029fa688ccfbfacbea0357dd80dac66eab87448014baaa256d5a7bc095e2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
6c8d0334ddda8d79-ATL
expires
Thu, 01 Jan 1970 00:00:00 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:21:55 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
media
direct.ad.cpe.dotomi.com/cvx/client/direct/ Frame 657E 		68 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/cvx/client/direct/media?sid=210062&placement_id=a505873&vpaid=2&m=11&mdf=mp4&vastver=2
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:ae80:1451:17::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:56 GMT
server
nginx
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
doq.htm
rt3002.infolinks.com/action/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3002.infolinks.com/action/doq.htm?pcode=utf-8&r=16413889160681
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1771.005-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51d0433ffd73aa6f3e3b48ff1b908b8343798b44a401eeffb35f2685327b77be

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
en-US
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
6c8d0335faa763cf-ATL
expires
Thu, 01 Jan 1970 00:00:00 GMT
tag
slckg-kqe2e.ads.tremorhub.com/ad/ Frame 657E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://slckg-kqe2e.ads.tremorhub.com/ad/tag?adCode=slckg-08nki&playerWidth=834&playerHeight=469&playerPosition=1&mediaTitle=%5Bvideo_title%5D&mediaDesc=%5Bvideo_description%5D&mediaId=%5Bvideo_id%5D&mediaUrl=%5Bvideo_url%5D&srcPageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&contentLength=%5Bvideo_duration%5D&gdpr=0&gdpr_consent=undefined&schain=1.0,1!connatix.com,102734,1,,,,&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:e715:23fc:28e9:ce6e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
73e1d661da97f11a17cd2bb520ecfde66de86813f0d2dd57dadfcac647272d23

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
bl-0af0356-e68070b6.js
tagan.adlightning.com/freestar/ Frame 9CFF 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b694f4ca98e61d5ad862aa2019b9ece6aceca63651a049f47e9549013b6e39a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 19:09:13 GMT
content-encoding
gzip
age
65564
x-cache
Hit from cloudfront
content-length
19143
x-amz-meta-git_commit
0af0356
last-modified
Tue, 04 Jan 2022 18:53:33 GMT
server
AmazonS3
etag
"f32559453025fa80791a89a0f77ab2f9"
x-amz-version-id
Nk5RfbChTRFFt8yO7jMCw4Yj7.zrqDVJ
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
maBfNwWV0AYArDwBEZ6rAuA9-YaRMOSuYLh9bdps42-KN9kkOyS3uA==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 9CFF 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 16:25:34 GMT
content-encoding
gzip
age
507383
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
fPkKiUbiqShf0LUk2fPNfvMrkMdargKkKdlp9X8ovX1cApBHKU5oCw==
container.html
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D5A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 05 Jan 2022 13:21:54 GMT
expires
Thu, 05 Jan 2023 13:21:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bl-0af0356-e68070b6.js
tagan.adlightning.com/freestar/ Frame 6C9B 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b694f4ca98e61d5ad862aa2019b9ece6aceca63651a049f47e9549013b6e39a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 19:09:13 GMT
content-encoding
gzip
age
65564
x-cache
Hit from cloudfront
content-length
19143
x-amz-meta-git_commit
0af0356
last-modified
Tue, 04 Jan 2022 18:53:33 GMT
server
AmazonS3
etag
"f32559453025fa80791a89a0f77ab2f9"
x-amz-version-id
Nk5RfbChTRFFt8yO7jMCw4Yj7.zrqDVJ
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
jqJ1278xtI6U2mcG3bPfRrgb8Wy_67yMh-9mbtSzxUK0TpcyES-TfQ==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 6C9B 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 16:25:34 GMT
content-encoding
gzip
age
507383
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ttETvRqNQgT8ZoJ_e5hSW_WN_tDjmMlVUJtN5MgS9wIlzxtC0Y0n1w==
prebid-universal-creative.js
a.pub.network/core/ Frame 6C9B 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-universal-creative.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9642f5fbeff6a11fd1e8d29f62481cc23514472fb51d0d1e4ee4f257dbc8af3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=Mv5J2Q==, md5=qhZ9KavhQaYEZZQvkPC+nQ==
date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64689
x-guploader-uploadid
ADPycdvxZJpOTmr35I47BVdlBPlP4IKTJErkUUM59LOW5Nn5KGnrgBH_ZMLwe4CAO3bftm7PDMakdT4yuXIvmgCV1g0zLuAWaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Tue, 28 Sep 2021 15:52:36 GMT
server
cloudflare
etag
W/"aa167d29abe141a60465942f90f0be9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl%2Bpjq3S7Q7ihMp7laKDZyOUwoaW1pe%2FZHhp615y12boZFL8WvoqKZuBE1dblA%2BAmR3JAL%2Bpt6GAZvQVdNofPNQjtJDY0Di48lB9b8reng6IsGfXrHhJqTs9lAQ87GjRorUbit9bmCdpWss%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1632844356805025
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
26661
cf-ray
6c8d0336bafc8d7f-ATL
expires
Tue, 04 Jan 2022 20:23:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C9B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:56 GMT
bl-0af0356-e68070b6.js
tagan.adlightning.com/freestar/ Frame C244 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b694f4ca98e61d5ad862aa2019b9ece6aceca63651a049f47e9549013b6e39a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 19:09:13 GMT
content-encoding
gzip
age
65564
x-cache
Hit from cloudfront
content-length
19143
x-amz-meta-git_commit
0af0356
last-modified
Tue, 04 Jan 2022 18:53:33 GMT
server
AmazonS3
etag
"f32559453025fa80791a89a0f77ab2f9"
x-amz-version-id
Nk5RfbChTRFFt8yO7jMCw4Yj7.zrqDVJ
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
fY7O_Jd3eyqg7NqBQdKwAbKCHj-kgGBRVrcLuvXSzro4BKDNTSz6aA==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame C244 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 16:25:34 GMT
content-encoding
gzip
age
507383
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
XT91Bm9wsObbLvPK5r8wKbbtO9VN3TVEgwnwxybJH1cjEGa1009P2g==
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
via
1.1 google
alt-svc
clear
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
via
1.1 google
alt-svc
clear
bl-0af0356-e68070b6.js
tagan.adlightning.com/freestar/ Frame EA6E 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b694f4ca98e61d5ad862aa2019b9ece6aceca63651a049f47e9549013b6e39a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 19:09:13 GMT
content-encoding
gzip
age
65564
x-cache
Hit from cloudfront
content-length
19143
x-amz-meta-git_commit
0af0356
last-modified
Tue, 04 Jan 2022 18:53:33 GMT
server
AmazonS3
etag
"f32559453025fa80791a89a0f77ab2f9"
x-amz-version-id
Nk5RfbChTRFFt8yO7jMCw4Yj7.zrqDVJ
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ZJKOLnDV_kprR51tEBPb6xgk2w88PBS8pp0SBcS7Ov5hySev5HRSwg==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame EA6E 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 16:25:34 GMT
content-encoding
gzip
age
507383
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ZFz6-rfjEcU3M95acESoY0bQB-Y_RwtN6-idcUZ2Uj44uhd0o28OYQ==
prebid-universal-creative.js
a.pub.network/core/ Frame EA6E 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-universal-creative.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9642f5fbeff6a11fd1e8d29f62481cc23514472fb51d0d1e4ee4f257dbc8af3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=Mv5J2Q==, md5=qhZ9KavhQaYEZZQvkPC+nQ==
date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64689
x-guploader-uploadid
ADPycdvxZJpOTmr35I47BVdlBPlP4IKTJErkUUM59LOW5Nn5KGnrgBH_ZMLwe4CAO3bftm7PDMakdT4yuXIvmgCV1g0zLuAWaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Tue, 28 Sep 2021 15:52:36 GMT
server
cloudflare
etag
W/"aa167d29abe141a60465942f90f0be9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNM343EDFXu21emGlJrwhOj7E1xJfFdwqirdXytoEBor18GxtOfF8M8faNmAgKr29wLurpyABwaDPmcAElTCZWCuvY4SkTxTlJs9MKfzATU9hz%2BuRUFNMs4oDPZGazIbOSWahcxhJb0%2Fe%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1632844356805025
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
26661
cf-ray
6c8d03373bfe8d7f-ATL
expires
Tue, 04 Jan 2022 20:23:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA6E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:56 GMT
demand-source
d.pub.network/ 		61 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2b0eddbc204aa7e7609e5fb7a4ef51ec6862254fa0049969609381ca4b4ff1ca

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
demand-source
d.pub.network/ 		61 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2b0eddbc204aa7e7609e5fb7a4ef51ec6862254fa0049969609381ca4b4ff1ca

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
syncnoad
partners.tremorhub.com/ Frame 657E 		1 KB
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=exponential%2C_dmp_lotame%2Cdeepintent%2Cadgear%2Cacuityads%2CTapAd%2Cadvangelists%2C_supply_taboola%2Cdynadmic%2Cbrightroll%2Czypmedia%2CSundaySky%2Cmediamath%2C_dmp_turbine%2Cconversant%2Cgoogle%2C_google_dfp%2Ccentro%2C_dmp_krux%2Cquantcast%2Cmartinai%2Cblis%2Cadelphic%2CBidswitch%2C4Info%2Cbeachfront%2C1%2CVideology%2CRadiumOne%2C_dmp_adobe%2CBidTheatre%2Cdataxu%2Cmadhive%2CPulsepoint%2Cindexexchange%2Cbeeswax%2Cappnexus%2Ctremornet%2CTubeMogul-GP%2Crocketfuel%2Cadform%2Csimpli.fi%2Cadtheorent%2Cemx%2Cthetradedesk&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&init=true&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f9cdccf5cd2da244d74d2953328ebf308071d5ed694ec021bea083a49e1e3e79

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
in_search.js
resources.infolinks.com/js/1771.005-3.025/ 		123 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1771.005-3.025/in_search.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c8d033769f38d79-ATL
date
Wed, 05 Jan 2022 13:21:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 29 Dec 2021 10:27:21 GMT
server
cloudflare
age
10036
etag
W/"1eb61-5d4466212bbc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 04 Feb 2022 10:34:40 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Wed, 05 Jan 2022 13:21:56 GMT
pbice.js
resources.infolinks.com/js/pbice/3.025/ 		279 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c8d033769f48d79-ATL
date
Wed, 05 Jan 2022 13:21:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 09:40:59 GMT
server
cloudflare
age
2550
etag
W/"45adc-5c5f8851c3ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 04 Feb 2022 12:39:26 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 9CFF 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9CFF 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9CFF 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9CFF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9CFF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0f988502fa2967b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
css
fonts.googleapis.com/ Frame 9CFF 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 12:08:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 05 Jan 2022 13:21:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jan 2022 13:21:56 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9CFF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 11:29:33 GMT
x-content-type-options
nosniff
server
cafe
age
6743
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Thu, 06 Jan 2022 11:29:33 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9CFF 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 09:37:57 GMT
x-content-type-options
nosniff
server
cafe
age
13439
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 06 Jan 2022 09:37:57 GMT
l
www.google.com/ads/measurement/ Frame 9CFF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOl6Qa_Z4yU3KUhyLeK8f39xx4gDti7uOOqZosFG-AcQQAEgLMEWbIE3MsOJUBx3-cQAELZgloBKOmuB1eetVMs9y5WQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 9CFF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9cbSc5vVYaiQF4PKnwSrxqjwCcmBn-NioMv7mI8OpOfy7ZUCEAEgx4P8AWDJzqSKpKSYEKAByY_IhQPIAQHgAgCoAwHIAwqqBMICT9AJYkP8ojJQWMpmZqqFyAUeNecnFD1CoJMsDSAEP963CcNGA5BXoKvhhL-TgbL5jZeuIP1HpmCpd9w5fJoDiuVLlMud3IHOO9SojsHb3uCNTWLwQhxS1TsPdv_Wruq_RKHBZU2Y59aPjsMeK1T_E9miXMWaH5YKqBhyv_7Y1Y-lDVLDYAO2HRWhct6kBJKUyKv-8iBC9loHaiVoO-3nAzPn2W89RGKYgS4AgV-FvXsQObEteCY_8ViHZL9Y2K1CjVomA4mlIdqHe5ddkeG2iG7KyEM5ZqPVDRqsmTdN_wkhasUG9sGHrcu6ShjXTonK-Bb6loIrwjolLR3xgos-UdpfN1R4hVkjuiEsjJ8NlK8ZLWeJFGj8tRjidu0JCs8skMEk-bHpvhFs-X8lBlF0UpABpPHJz16d5Nuii4OgS8473cAE1Ya97cgD4AQBkgUECAQYAZIFBAgFGASgBlGAB5_wt3qoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCfmi_SCAcIgGEQARgdgAoByAsB2BMNiBQC0BUBgBcBshceChwIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYusgX&sigh=-xv2Mz0_wTY&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
syncnoad
partners.tremorhub.com/ Frame 657E 		1 KB
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=google%2Cconversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3265548bdb602ddc84a3279b973a9bcadb237796e59aeb87177ae1ae084e0dba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
view
securepubads.g.doubleclick.net/pcs/ Frame 6C9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn7Snb1_FDgpMmWhFK7snGMWC44XJPnZt0BszOiZieOHAGckf6EhlGtndRmTa82V0LNXK1NTy4nqDPqgxq3nmcsUA9ir-oudZEJI_tsA0zT7xEwlmy3T76QuzHX64NplGeezJ0j3b2lscjm8bWqgEnxVNYytfNE8T6JX9vglBEo0aLobDIAO8MYTH27dTNAlW7qfKkzwlzcY3Lf53-hyChk7WD2IQ9cjynVUaxq1nTeze7X6OCoAJ_Qp3ZadunCXCgp9ZQvxBiyv11EEje_DH-AJDHjemO-C76Z0ufL1rwf8-a1tI_ogqa12ven-5eX_qKpGJmHcVOf_bq3wCtPdOxSJjWwyrf0kyJ6hfYTDVZRVDToaQC9A&sig=Cg0ArKJSzC7V-99cT0j8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6A95 		663 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGILDyaIBMAE&v=APEucNVzIKsQsmCZVThDYGgXMNbBoTuDcnDnq2dPOoz4R3kKIemjV5yLdoDUvziCZCDJeUmAuESAQU62k-cu5T5_so98daDkTg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 05 Jan 2022 13:21:56 GMT
server
cafe
cache-control
private
content-length
292
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 6C9B 		25 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3wOYFFsAzF4sOPpv86XafBWDWMc0RfmKp-SSJwATmQy01fkcYr0uzhtOsctV_3aXnRUDpIYQUPVzByGOyfdER9mMFDhsAio7I1b_UO3_XlmBtx1jGfDxFxFjYaqB1uZZu2IE6muDYqaBJZNsF45I5cECxhw&cry=1&dbm_d=AKAmf-Ces-d_eN9Uu3XNqaNXnPJUi_cvzc5_1lOftpppx_nA2nw1-GKx13FlPDyUHKz1hEVFRJci6advA-yQZAkzpXyEEwXeyCkGolhoPp4VmwKsSlPalYPKzqkQ5UKPFWQVXX6Lr8_1q9sXplQCuC-0I3QhU2wqC18Ao7NmyCGvPNF6Dh564jiXxr5evmiXcS9HMgqcZqcnsHIK2HNGYeQgS9D9ekpNRM1u_haqK5UB246cWRClI4UfFmXKAMPygiRujkEZoFiNuS3SXJeK6SqTJGo1G62PbUSnDw6C-nrG0I2WgVVvJJY5acD9p5t59yrhW3DaW6tuVrdpya7YfFYo0aMybD3rmStwDJRc0a7jQre53jzJ6-hxLPdjyBFsW_MHp3zfmfscvKsvEytlNtsz83xIKUn-NGaTtAi6ZDBSxrTkG5lo3PMDLjncwStqELIxy4aekD4Dcn-gbJvuDmxfYtFmqHwtwsplOtxeKFJ8iDGwBzCytvHd4uMU2zAUbO0PTnSdtAWBFQ1YRDqqaQWcTxZjZA1KzEQJCxHHaVkWqXSlFgp9qEjdluYBuAlFoRyqfPCg5j2B5xiffBrlFP4iy2icQpqjpDGa_ZC8sqAwO2au4EHeR8shFPBPDodrepMMtE0hJhLgOfL4oOE5eel7FTd2ZEJWguZ7ri8YnpZCLUGZijy_uF02g-ftX1RUpTe0yWGBQaSGZrmTfCTrl3LDbYNoVMvFA_2XpzqhzzOPfCVePkZIwkPK_BccY-o_X71P7KvKkJBTML1nrH8ETyHQH3eoPsCKOOFi7WK01BY1D8k3iDTngPsF65herbIlj2FAakK6l9brJ_E2Rftr9AHHknP-lpDYh-FVyxnADAS8VEyaCKSbvHoTaaoKOglYEfKg028XiNHDGWHgntbX6b2qRF5Pk3vet18HFwSyoztAxRD6PfMpp84625Rz4YaGjAfmdj0dwUO2jyYjZP1eGRULGdUQZCEmAUnGM8avkWNpe-NxmUG51AIcPDHc9cP5LdlZ-2ddFKBoeb8hd-L6IcaOs1iODp-It-d0k4uTX-NWFY_AeUElXX4WfZ5a2vkuA1-7lPQsE_KsGrdcn29WPsXqX5fQBRmrb521z2DjyxtdU9HlUK52rwKniljGgcHIlW7qF6QTXnEpyqMGzUORcjMk-DPcp1QQ2aoBD5P-Zv6iHIUnCgxKWUPdTL2Rt9gW-35Ho_EpmA7ICHZe-UNXnepFe9lb04Zd1WJ7WabkK6kJxnowJk0enSMxKEdnlqkHZB4aAUaUbthKl8pf9Msc8aYw_3cOt76F7aoIsl_VHaHI5RConmAOVAY5PSZV3W_GGAxSBHUdOfatKUVw9EXHdWfZ62ivHqZ8C19zdaICocjzQNchTfuPkO1Z989DB-a-riPxmfSRCJnwCyjPiLdWRDgYfnZiKi2NYERtvNoVeHdZZbxxFdjBtu5rfiaYuTb8-gxAJggV41l8RbP046I3e0GFoMS9AC-cePYho9MDh4OooAW9byTnQQRbdc2vZiNAwi8vDaTN1a9iAucEhrlier7CMcDFdKnyWgAQKTK68JSb9-X_LU5wFd_hq9hHQ-bzUNNk-NiH8x2JyHpRiaxoaEH1TMan4pvK3qckw8M5G239O3-talfQ9EcaY6owxqDriaD3iNU-UrBsXUBEhh_t6pzWfgLtfx_v1e1LrIjxfSCkao7J9Uo_Stw50uiCjMit7uFB-72UpogZSI4JKItVExl4n8_cGgo-He6eN6XoH8aKAP0WyATzQ2yxcinXKcDiu7J0dgxMti-ET1IIF-j64QE961AfHfQ4yzUVzDc47Bpra4xLWa39DS7Q3slGs3vzN35Tp_0xmyhSDiU8ZxtVA6IRQfyZFhUl3ZKx_qsAijPHbFUWrl4aznQi5Vrz-sesu77f5JbpxEIwTm_c6JOnviOvpb_NOzV3iX9ZWNwTYGR-yGl81coBm0BUAgJwOesDECX1qjAUjiPoLvYqsTftRR4FMspnJM1IluM3ZAPQc_5570Q9j_0k9wlWyMBM4vLDPxSa3KTs_5BZz78P8hrWN7ZYxcVrnAvfyg-xpUeJCa4UIuQGWoRLoMQZ49MXILwwbdsUwo1-rMtzEjgTY8NmNFUQEcxKLDRSR8NSGJ3pyUcr6F9UzakSS5A0_wafBybIThG9Ims-AkKu0ipupueFBE-Z4bk5IR2Fty6IfXLTfNPV_zfXR7rmRUWeHC4ya4H_fv8S-rBu5nIf7MR_r1DX8PXmdJCw8sYO_XhPtqPcT6eKtrDLva4rJHgdECY9uyMx8DBnHu7t-ydrSiTY9cfNg4SCJvo441_Zzr4uFezNWLo8Ll9GjyhtuY9cR1ZadO_xb4z85KbNnxJNXREHpuf052odm7f5REluUzI_s4156QoB284m7Hct80BkQuFCEgnFubGML5h_QwLpvLN47rzUqbcCEcdDBzvVg4vcG5rAj1QdLqzm7WS9ORru9vahvL7O5H0sawhE2YFAK5oPwwxPsGfsxcEXwetAkEcnvN3HXg_p02_AkVsNqwM5bjwhkg9O0_N5zgAHB4yuIN2dVWuC7Kh0EYu4XuOUSLpEfcV6wY9B14HnIyCqWqNEh2PF7QfqBJmnU8yVzTWAPB0HM-lPJ2Yr0IOCaczJxf1OEvBihmuwGMCdneiBJ-hYGi6tiGoejcjUJpHpPTcOE6oYFgKCOUsEowZW_B4N0XH2_SDHJkXofibcqCYqoFNYsV454oZbdKmcKu9qs5H2bcNBubHlfI32ch4jgQ3CLQwCnDi40n90Wz-HgJwnsVebej1kYfE5JXu8n_Fd3ZSgVXYzLf2j-ajZrn2LAJqfwM4lf8Al77YyoiuE4-Y0RAExCYo-BHOAuUCvIR_S6zycU3EciYoZXite2qrCV2MJ1pE_zpLnOTKoC05DxMsOqK_IAsYvwnCD42R_ecNlQyuP1aWqUGiwoigwbf3FzoJua56MsGa92_Tgvaep48CLQSyQ5wRDTEx9sSjsxASACAfvCVML1EdMaAEpQzDsfBPko8HQw07TOyOcmTB17fo_DN-l16UUf_W7Xc6rq-0ikZ47xvEyDVcEhEx4CWKRCS6VMMc6GTnWTHwYGq9Qy6ClSzMC524zHG-lUAe-afM5vROeh0X5FtsPNdJJmmXxklU-atkZCTwRT719CCncu4yZKqIbHJ6sIfk8mAdVS03RBE4L&pr=6:0.581543&cid=CAASEuRoIaU7Z3DwMnA58ZmzStD4Kw&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252Fnews%252Fsecurity%252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65835335424b63be5a40052ba1d0ccd3d494fcf99535f895e10e10b72293d362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15022
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C9B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CunSc263O4Lj2Pba-0lQ_SbNhGGV60z6XdALAVnmXz6PcRz6J_IMkVmS81TnIcgxrd0sYG0pqtllm7CtJhIaxzwVSxyS5t5GPTdxCb-EOZvZCJ5LE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 6C9B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25520275&plc=298833611&sid=6039377&dvregion=0&unit=300x250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 09:35:31 GMT
Server
Microsoft-IIS/10.0
ETag
"8f6388f116ecd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
truncated
/ Frame 9CFF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b54937b4057321da428bfe09e1c6d859cda4a6349c6a8cdaa34e356cf3e8fd6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9CFF 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 15:24:28 GMT
x-content-type-options
nosniff
age
511049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Dec 2022 15:24:28 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9CFF 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:46:18 GMT
x-content-type-options
nosniff
age
329739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 01 Jan 2023 17:46:18 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame C244 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame C244 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame C244 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame C244 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame C244 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Wed, 05 Jan 2022 06:04:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0f988502fa2967b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 06:04:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C244 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 09:37:57 GMT
x-content-type-options
nosniff
server
cafe
age
13440
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 06 Jan 2022 09:37:57 GMT
1468950496598183566
tpc.googlesyndication.com/simgad/ Frame C244 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1468950496598183566?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnmsd3UQPXjkedX-VhGBEmSMIN--Q
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7297837b8015d2f8558dfda07a190991923a060f5888ef213b4624e88faa3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 11:43:30 GMT
x-content-type-options
nosniff
age
524307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19840
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 18:45:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Dec 2022 11:43:30 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C244 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 08:32:25 GMT
x-content-type-options
nosniff
server
cafe
age
17372
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 06 Jan 2022 08:32:25 GMT
l
www.google.com/ads/measurement/ Frame C244 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXHf0O8OMr389BL1BpntE0jG19XDzzx1jxdPudxmhmqIqnYurEE5rlNP1xfPfVbFRTb7ukd_0dp8H76IaximIH7GiWXA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C244 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cwkcrc5vVYdqTF4PKnwSrxqjwCYSAh71n5vLFn_4OlO3ewIgfEAEg2tfFOWDJzqSKpKSYEKABzPGSxgPIAQLgAgCoAwHIAwiqBMwCT9C1cBi8b29YeoTvD7xcmv-Ogzg_mGt8wIt6-EbonX3cgC2E18lx7Alvc5wljNq65GkvA5gqznLsU42fQazMqTGPf4f4orTWYku930ZoAsnTz1hwgerfapoIG0cKbVIhNZpRMARHnGAQ-6fdliQRkYAa6UoWOXxtp9mNu8j2qkfpw9F3Lc3va4-n0X3PXXEBfYNaTehnGA-feYb5E3_IN6LbYA3Tf9bQaqkKZ8Sb7WcQvPwvRa42qafnhoqulP0M20yIPrqyZiYkbYYvkcUuiPousD3nVzGYFWzadKlU09rBO_9t1PUYD-u2g4sWKsQaOhPD7E_cOcdii7c07n-jPuGvdtJuidt1c9XTZwCnAE6QN9ww6hViuvNebNc6RHbMZT_QF3qqqRpghs6xBhsxrOWoCO69yqDCerNbgZQUoM-2jd6_iGH81P4929vABLDC6835A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAecju05qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQu9on0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNjA1MjU3MzYwODUzMTg1GLrIFw&sigh=gg6V6hNdyKA&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
truncated
/ Frame C244 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fc470be7cb069c9120f67400d54ce3c46a3bee92c8de5bc08e7d2f23a81b846

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
syncnoad
partners.tremorhub.com/ Frame 657E 		1 KB
945 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=conversant%2CTubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f75db606df95776cba9c16fcf66c20eccc8442d7eaf3e65d62246d36c2aabaff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame E06F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUjU6FhjmM2cKUUT-otM_4zdLEvCOSq5vXZolX8jLKbhM5ktWsM7aYePZbE5E_zuirddVjKw7uiMPThS4cld7x6_35GTrumaSNBaCtZfX1n_srIede&sig=Cg0ArKJSzGfg9R4-uoaIEAE&id=lidar2&mcvt=1436&p=1110,436,1200,1164&mtos=1436,1436,1436,1436,1436&tos=1436,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3056404191&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641388915134&rpt=536&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-0af0356-e68070b6.js
tagan.adlightning.com/freestar/ Frame 2D5A 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-0af0356-e68070b6.js
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b694f4ca98e61d5ad862aa2019b9ece6aceca63651a049f47e9549013b6e39a6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 19:09:13 GMT
content-encoding
gzip
age
65565
x-cache
Hit from cloudfront
content-length
19143
x-amz-meta-git_commit
0af0356
last-modified
Tue, 04 Jan 2022 18:53:33 GMT
server
AmazonS3
etag
"f32559453025fa80791a89a0f77ab2f9"
x-amz-version-id
Nk5RfbChTRFFt8yO7jMCw4Yj7.zrqDVJ
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
wcR3khXAIpnMG1HBCUW8Y2F4SbjTydJ1V4TT4NSL-GomSi5Hd-N4NQ==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 2D5A 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-7.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 16:25:34 GMT
content-encoding
gzip
age
507384
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
RXcbvHGrafGVU6_esus1feNIRKkklxVzrsHvBJfKifUS_GQOikz7-A==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D5A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C7cSZiVa9Ny6fOYPz3GfoLmneGOE0z7W4EzAaPIcWh0i47YYaezf5ARBzZMztlGTJ_c1_M_c6CxmZWPBVcJzmrEb-IY6AC8pFXIRqQALfAUwKelMQ
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 2D5A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25520275&plc=299071999&sid=6039377&dvregion=0&unit=728x90
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 09:35:31 GMT
Server
Microsoft-IIS/10.0
ETag
"8f6388f116ecd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 2D5A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 12:10:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D5A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 2D5A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:00:36 GMT
l
www.google.com/ads/measurement/ Frame 2D5A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiqs_pBfhGVTtDqITwgb92ejnZEWEma7W7zBLq56Z7iFsaLXpgfBqlSspJMUtk1CdWrWeP_TIHt0KrBhK5FObpBraw6g
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
getads.htm
rt3002.infolinks.com/action/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3002.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22credit%20card%22%2C%22scs%22%3A%22pppDFORG_M%22%7D%5D&rid=4c961852-8f61-41a2-8ce6-ab1cd85b41b3&jsv=1771.005-3.025&sr=1600X1200&rts=1641388917143&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=96.0.4664.93&dv=p&ce=t&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tzo=-0000&c=c&strg=true&rsd=X6UUCcQJXJNQM3MFWbzy1Xlrk0fu9ARSBxOHL254Q8fgclIoQ-mqJB4MDJWW4nfqqyLEmDSkXEAsujq0YWoUGFN90mG5PxThjWVLM4MoTge862CNe5o6iJ7pv5iKt_12t4cjiS8H3aNqk5nZgSo4Nx0n5cGYFFbU&rsk=41&rcs=T5iRun8wcVPeFV5cNF6P-g&hbnr=false
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2557af8237c956ac1d3cf5bea11a43285c63676b4ab846c4d693be89d0580fbd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
en-US
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6c8d033c4ab08d79-ATL
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EA6E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu20tox9ZIY8Pz_Nh1P9-1YtiUxDVmvdLpXi6UrXjcLktgLgoHKnNNHdpZpgVt4YqQRGLsvxwXhZJ3sHbdfqoV7zl2PFDOvncg5o_6bbu3vGvZ-n6C02OHv3IlKp0hMkIyKH1yWzM-MnmXUoGX4NUfpkUz4m0Tv9RF8owgGgZ_ZT8EwmSxGXDdFKG-FKzuGwRqYPhmW8j8x6aCEdx5FcoKTRogieSy-mYYLa8ZzAxs1OxpX7j9y809O6cop8ZwxGMuLoKNEj769RHhYMgclHd8n-Xk5kq45ydlBWQwkXVJsKeELqiUxU6tRk3hjLFHFwTQ7K69pbBVw8B0za8o9EsjBYWW1ZUY_7n8QzOCKju61BfyffKNX9rI&sig=Cg0ArKJSzOgDjkcgJQhYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 21F8 		490 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNU-GQE6OYph2gK89bhLlIyv2LTxVwC0Vl1V_PsUtkPxamjLB6YqED5XxuCGYMfpFynecNyjk--zomejLpuPpg0RMp8btA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6ccf06cb0a453582b11736475b935bf83d84a6d4c53036cd51b27178552002d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 05 Jan 2022 13:21:57 GMT
server
cafe
cache-control
private
content-length
226
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame EA6E 		26 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A10nrAcRhGEde8TldBdAnpawr0guSwgluP5QdZvKLF4wj0aYeg5akO0fqjSRYfpRCKcAYbTljZZZsaMhRxSNN_ZBa0OOWzevu5uE0kZaLaVixaPZT2KfraxCLmuFavAwCxkkuZwH6RXA7p-CfkrEXOFRP76Q&cry=1&dbm_d=AKAmf-Co-U12xdMpiHmj4egLiqoKTFKEsgqkjLYfPrSkSZq0-ybJ0M9l45iRU2zd8ISo1WZscyM6jGE0DViAZeRxDlWhTK8UxzuCxgXVi9yPQUYu6zi2KUGRVpunjD4CoPlh7HV_w92XMkYyKiIGXWkIiQj_7CyVKgkHVnr9dsWKJPkZpLQtU9mR52yNmEgTdzuq3LsG_8MSFbBXFs5qOT8OQpKWYJtPxLYdCR9P5-7qt9OnjNE_dINFa4VCU3UoXDZB5ceWqKJJtYYtRRi00w4wpvhzbTE5u2Y2CobU-2W4BtV6AmlNBF3jCCB2xvV21pVCj0hBoVXvRdc119cZBPLwQXfyjXOIkwW03_j1bOUYRvrV3ljHViwrPrp71sCcgyO6XsRzKXiw4hQBflE9XDxepLYqs-Yj78Tz62nG4phqLEVUs_PCxmbh3PNVNa4qJm19sShsMHHYNX1ylYXuh0aLEzLd1dZIOg8s9mAO3m7RKStM95uu0mMGsvCA39Fw910jugowyU1ZWCW8kENs267KxOlzhO1sLaX4YhLVQnfiXv-FIyIcf2u4r-Nq7If8VFjW6P2byy-emNHYr_Od0lHM0aZfN13PKowdrG3gV_pwUsYoyvt2eHtCaJOKhq11k3hFjWcG1VmfpTt18MYVKVCjlTpW0lN5k_kqeBldjBI8ffd5gLub4spa4zP9-V787i9hdN_4gbsim_oD_U5pBirT0im0-ex-7WmsaofFr_xZfeRW3F6ZUMTp4c7qN1-NYJqKtWqgKxPKFGhR4Vs60Xv7wshewGNdMokOIsoVxQg1XZzkFIS9OC8D19G-_15w2ZmtrfdTSVfGK8y99BSJeT8QIeMDvtQA6fT9trd4uPrKLteasvWoE7G_gismNg6rAsRvJoAvhkg4pYQNjHECZr0BdAaQVsvWTtJTjlLBH8Om8Cn8utb8Hh_SdBtMYCZjMlgyjmJkmQzfVQ1Z-yKB6p9mWqDxj92DQriNYmWok-gA05KmPCISP6KXzoFLJNxmiAW1oeUO10-SLxMc3wIK_uLBabjEhQsXbARfvGusExb5w1K513Sh8Ew8LP4u5PFQUaz7ob9suktiSmOs3bgo0ZVWYs78Z3hOgn6uuNLIxOBMC7VsA94wVwdPAK9hG7rX0AQptyx2wMgBwZb-8PAJZvLeRQyEjv6Ja7LPN1MslK7JUlBhbUJTIlxq6WqubJw_p9pkcGhR37vFoY5DIX1GVSeomEVJlWh8T6uKVl3bgcbcXl7fSWVo88YHZG6W8MtP4oU5VWSXijp8x4rR7v1Hb_6RUxplc_K-W0C6f2pSeRxKJxKV3uFTbYGtHB5Y8avfanrQymAm9emrFRFftD-gTJo3vY-mCdArhM1j8EdagFOsywz3DoRIxW9la4V_wtkG_MlSMHs7pvFxTybuHeuumffBymGMPCN-aDT4mRa38S4kSFT7ZD_B4VQos7mnD8aNitxQfp4clTXAuQJ109a8MnIzL3CWS3L-DM5SwXevjnHGXXSmAkOVxDer1h6TMSFkG457PAn_3A6a0N-d1rORBsMisHHZAjqHTCosY4gKW7kih1SzOhDI7oKsnxHFELVnKUlke5v2M2T2fl7IwrcP0knRclGQ_cJcVtI0l49x3rEcFdMAdg79PzKu693l1eagVsvdDtkEoC1Ph5sP67rcMLRJfWIB5ImolS9UmU2nd0LU1a-ilVbgz-_9t9IIgtG33lsUlzA50-rBKcEZakBb8TU5jZgyFDiXMuHkdg6ZOWkHTCq1n7R8Ls6vSmMbQpntckdVFZZp6rawsxwLpP8TyOJwNi6_WhCo0uip0iM2UYh7z15aoYbnESmxLl6RjybojyIZmXERDopRZFa3Fp9u1JHW1zJyadClZO3PJAXs4d7l4rbUPQDE9t4Z8DgaK5eBAwquMznX_s-kqawW6xBhrnYq7k2Ig9Fm511rgFCo4YNWfY-2sb1r2CL2b5FIZ7kzDgcVkfKTV8AqjWKoR-h4ib2vB-KmDcOObp6vn8QlsNeMLZ4KVDM_X_vvZ71zTIa5iUkzpV1XhHVQpabgjijaSVR8D8BO2ppuoF5VUM2__tLrp7CkVcs4QYhwLQ4n15k1O5DAFh02lhyzj8gxHjg9wyt_gIQ-VEshqxx8tT025ihpvsOxmh1TihD7H2fPOjnfv6eOh0IfwhV5f0VAnTTdi3neCFbYzqgSvKuPMQHcQ6qpj2RsaEgoxAbMaPalHmVf7PU56UEIUJfwVUpK8wJmzhb9PTA7Y9cW5l6sbTCnVEE8VFisV9vbJnsQfopLX3RWJ8f1N5DR46JGlMls6bpC6N9rIeH13C06Pcf97VGZD9pjlJMyvI-DXl2uUnQrj2mhEhTwnHlPXYbF1Ghyb38ISkZocsc0ZRjJrari_W4Otol28fX2-aBdM8hbSowx31VGv8EVAGe_x2fm-wLVIlexIUDzx_sxUhbKzX1tf3nrB3Tjcr2GVcoqcZ7cuslCgxWDumtqEFuHxVJ71OGK1o1lSJxNByxgqY6lK5OwzIQmaUou-0ZI75qj5EoBGgGV2CM_f4kmDA522s0abTbZpiymzOEfhhqnzMVkZharp_DfMXepcDJvRqBjDTwI_-zGSiyPkO2-gm4tGc0nQy9J0RopvDyTKfjCQCmBAfMfg0IJfmG-zkock356U2sVeUyIDQOmJIOmLKbyrpEpv4psN-HCA8ZYy1HnSmVHcUZEX_ENJgU8B2bPwRfUInh1KDeUEPzSXhdp7lUrdqAVFDjLe7TEHbUFibPT2cenmPAB_G1-v0KqMlQtbApbTVZKsec3J-Kta9OintiCstNW8U6E37LXUF5vni4N2_zqBkvZTS9NYx0BimHwZw53PMy_i7O_LT9Gx0G_5ilNk4-oJePrY9ZyHrASWiD2yBuVJlTFo-Q1AzEVmmFlzgmoYTFv3iw0w1HXu3hvKlu7AAD2EHf6NiaRv-sID_bG9ePsvNbCjta9IOE9Hw0dq91hn_VwGVcDatqYvu9SHviTHle0EqAaTBeeK8lhe1MfwKniQ0fAyOfmxj8v3G4Kx4aEzUfnNUUGGUph0qn_y77cz45fS1yOe_pe61IzgXNQ713k0wQAE6cCsrSZ1BSNuQB4_8dhJwF3-Kl7KiX7juIKXUlLYO2HCaKTHc7IJNSH8Kc9wIb97LIR49pz2r-ldXqbqSM&pr=6:0.581543&cid=CAASEuRoH9fIcNcpKueg0BnSv7Govw&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252Fnews%252Fsecurity%252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62400d3b173a8a5377fc1b7680e537bb683bc683bd00cfeaee4188b8be8c5793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15038
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA6E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CaNPT_oRVv5XNoW7vgL1qVNPIpKm8E_QTAn4NgCugaXN_dNTHwmwZmxtJ8LDG2XFggXp5Yc1vh_47M9DIAhpTxG0WuZS2VNXzBwdnpq68Xvxv6fVY
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame EA6E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25520275&plc=299071999&sid=6039377&dvregion=0&unit=728x90
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 09:35:31 GMT
Server
Microsoft-IIS/10.0
ETag
"8f6388f116ecd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
vidice.js
resources.infolinks.com/js/vidice/1.0/ 		620 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/1.0/vidice.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c8d033e0d688d79-ATL
date
Wed, 05 Jan 2022 13:21:57 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Jul 2019 15:15:02 GMT
server
cloudflare
age
12134
etag
W/"9b0d4-58d552435a78c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 04 Feb 2022 09:59:43 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		1 KB
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=TubeMogul-GP%2C1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9f29fda0e6c11022b808b8450553d5fc5e78a8c26e3948d1eb9cd7c24d4f3f24

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 6C9B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:21:44 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6C9B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 06:20:52 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
cs
cs.lkqd.net/ Frame 6A95
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEC57sg2CXCowD1oiKQx-wGs&google_cver=1
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEC57sg2CXCowD1oiKQx-wGs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGILDyaIBMAE&v=APEucNVzIKsQsmCZVThDYGgXMNbBoTuDcnDnq2dPOoz4R3kKIemjV5yLdoDUvziCZCDJeUmAuESAQU62k-cu5T5_so98daDkTg
Protocol
H2
Server
146.20.132.105 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEC57sg2CXCowD1oiKQx-wGs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 6A95 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGILDyaIBMAE&v=APEucNVzIKsQsmCZVThDYGgXMNbBoTuDcnDnq2dPOoz4R3kKIemjV5yLdoDUvziCZCDJeUmAuESAQU62k-cu5T5_so98daDkTg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.105 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 6A95
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGILDyaIBMAE&v=APEucNVzIKsQsmCZVThDYGgXMNbBoTuDcnDnq2dPOoz4R3kKIemjV5yLdoDUvziCZCDJeUmAuESAQU62k-cu5T5_so98daDkTg
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:58 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6A95
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdWbcBgovym-M.HPZmH3eQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGILDyaIBMAE&v=APEucNVzIKsQsmCZVThDYGgXMNbBoTuDcnDnq2dPOoz4R3kKIemjV5yLdoDUvziCZCDJeUmAuESAQU62k-cu5T5_so98daDkTg
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:21:58 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBUrqvm8qUwHiiNAg9qrWh8&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6C9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMZYE_1GAbzYXcDlTSsjOK9Cxv7DA0-i0MXVtGHvJcpXRzhZiBqpEb3RM7gz67TX6EY819Ihtp7m7uOB7zNJFhkzN-srOLHHF8jrfpXPY0bNBRHOdj8frMDDiS9_VREvrwV5SPSlNM41L1E_7IOOlyyqhRaGrr3cwvZqHtkKXHrGLpiw3xxIE9h60CJIS1a4JylxCECXQYSeHWrs7GjDgTy3G7YBqjoN-r-FKOv2lQgcicMbgjDxBCWYt_4pNVE7rm_KE9wO8LF7Fg2VbHERVrLHQyTiquBCQ0ztQMe9o6QRx4IAeaM1aMvXSGD1nNyh6HSTpznSeZxZoKMWEeTkfvCZtJ-asJ0hBSwZSAx3DBVIVeVBEqIKzJ&sig=Cg0ArKJSzAq4dBQ9HMd4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 Jan 2022 13:21:57 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		1 KB
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=1%2Cdataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cd1d8c67b5111d413f5f823ed5c17dd08154ed09cd370f8855916aaf34c479dd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9CFF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 11:29:33 GMT
x-content-type-options
nosniff
server
cafe
age
6744
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Thu, 06 Jan 2022 11:29:33 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9CFF 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 09:37:57 GMT
x-content-type-options
nosniff
server
cafe
age
13440
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 06 Jan 2022 09:37:57 GMT
optout_check
beacon.krxd.net/ 		92 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.investingchannelinc.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
cf65d9ec426bd3ecda70d618f1d789e47563d408ccc0460697aa51193dea9165

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=36 t=1641388917
x-served-by
beacon-n016-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		385 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=9427dd0d-835c-471c-a5db-ab01ae8a681c&technographics=1&callback=Krux.ns.investingchannelinc.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ebf216a70363b96d385c7315e3b7df8f0b069a8fafbb359ac0b840eceb14c4c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a014-ash-prod.krxd.net, cache-atl18470-ATL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1641388918.876064,VS0,VE22
content-length
291
x-cache-hits
0, 0
setuid
ib.adnxs.com/ Frame 21F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMz0VYYdlrflTFBjxetq_UM&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMz0VYYdlrflTFBjxetq_UM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNU-GQE6OYph2gK89bhLlIyv2LTxVwC0Vl1V_PsUtkPxamjLB6YqED5XxuCGYMfpFynecNyjk--zomejLpuPpg0RMp8btA
Protocol
HTTP/1.1
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
4fa6b5e5-dfb8-4b76-b93a-43758cc6309c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMz0VYYdlrflTFBjxetq_UM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 21F8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4NTMxMTQ3NzQxNTk5MDA3MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4NTMxMTQ3NzQxNTk5MDA3MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNU-GQE6OYph2gK89bhLlIyv2LTxVwC0Vl1V_PsUtkPxamjLB6YqED5XxuCGYMfpFynecNyjk--zomejLpuPpg0RMp8btA
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:57 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
202dce09-0370-44c7-b53f-5beabcf2117c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4NTMxMTQ3NzQxNTk5MDA3MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 21F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG4yY2G6xBKfv0oxXLTFYQ0&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG4yY2G6xBKfv0oxXLTFYQ0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNU-GQE6OYph2gK89bhLlIyv2LTxVwC0Vl1V_PsUtkPxamjLB6YqED5XxuCGYMfpFynecNyjk--zomejLpuPpg0RMp8btA
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
750589468d5634b7e99830971becaf64
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG4yY2G6xBKfv0oxXLTFYQ0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 21F8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTc2YzUxN2E2YjhmYzVkZmZhNjg5M2FkZDVkMjcwMjE3Yzg1MzczYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTc2YzUxN2E2YjhmYzVkZmZhNjg5M2FkZDVkMjcwMjE3Yzg1MzczYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNU-GQE6OYph2gK89bhLlIyv2LTxVwC0Vl1V_PsUtkPxamjLB6YqED5XxuCGYMfpFynecNyjk--zomejLpuPpg0RMp8btA
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTc2YzUxN2E2YjhmYzVkZmZhNjg5M2FkZDVkMjcwMjE3Yzg1MzczYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame EA6E 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:21:44 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EA6E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 06:20:52 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		1 KB
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=dataxu%2Ctremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7e15a983b3f8aab9eda42d1bfe995aec6c50d023742725da9d4dd4040491baf1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:57 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
abt
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:56 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
dvbs_src_internal101.js
cdn.doubleverify.com/ Frame 6C9B 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 09:35:46 GMT
Server
Microsoft-IIS/10.0
ETag
"08517fa16ecd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18088
pixel
googleads.g.doubleclick.net/xbbe/ Frame A267 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNWdBGOCBoyfIH7qUsKJ-OF8wFB-Z-LN3HwjbRKnzm8PZPTrPuYXNU9E0F-wKPMrfhP_QOS5Dw3fC4ZESgNeP727PolW9A
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 05 Jan 2022 13:21:58 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2D5A 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DH2tPv0g6vTOdQMUEezWOKpWKivMeMnNlnMrt-MRX0BUA-2crp60_T1DQJkcRiG94FpuZrnAQYGAqTxDLFYc1CcO3G743bfovmRCUW3vBBGde2EiGdlnhWlV3Da2D0BLxz2dWQp7t3_Uk0tMV3BjjhX2ujpA&cry=1&dbm_d=AKAmf-DpxeHSkGm6JrRfF4ANrzLQzSUKW1-k16pegRiQIfn0BimOBGdLp8abpbaSXa8Wtkj7xkTD2J21oa6l1BONnu_qGfm1FOwkwyArnDpJ3ANeZanC0cGuccOGlQBXobXbFO1eshphluTd89rgp3SQFcPV5Qdr8cN3FCGXbcHTpebIbHHmBb2TzZ-GQhScvMmbM9UsbbPsdnAAEaWugvJ0zzZHV6CzF5SADjp5MYcNpCr2j2JZlK7vkFzzPTJAcEDp1W6_zN7pWPzA1PJYoHBYlCLiPrdRNdRGY3-qB2tJV2Fh8yR_61_QsiQiffyoHW3R-lHVVawvh0hFF0cT5m_BKPfAPA_l_pDfClbo9viYwSV77WSeHhFACmA8xIlgMRgEb5aSAfYLh4sstwjgl_6DrZ5UrYgC5x8QgLDh8BaB0J6jbEXCwMDeP8G6gXY6hU9msoFvbFSOA3BF0bBAM5m5I4KglXhSw0s_xDnfIPccci3i4slmf8LwETURjfjsWG8x9u0QWGVQrIkWJs7H4U56zvIvYrKjlA03WHJivCeZlYiwYhxN_Ra-aRpkvZg5_oCrfoXyyEuKcCY__a-qeC4vspN0S4g9n9KBa9a2_vjrw5-m8NT7Bot4YczVnHOJD2Z2mmOncLYUUITPWHlPwgvV-AgM3B4HQxts-TkIUjTHxTP0dkK1IHA5Kbr-_wFYQexlHf2WoHOSw-D10YRQEqipEG2bM2Mb2hhv8pGKtcvD4bAAInvyhI8Tj7lrvMTY-vlidQPCOPODu6Bq7UjX5Wq-U8m2xAbmOBH5WgTObhoI_shtPlTDvOZ51OCqFjMj8g8kJqeS9tnE-7RZVY1fExqju4RDwNSMpdHXq62BNdwJjwrXOMtjxDpv8zqjh3AeORs-UxMaOz1O_h230BrYMSdCrZltwamubKsxDHcW4IlwJSMyDGPML-swQT9_YhYSnd3lLOJ2RoirX6K_y6uOQTtYBtmrfV6AJUT0xoJqaGCRK9ug2GcnTC_YyIgoopvgKUipYIeyfalZhCd1ndoI-rRzuLVRJKqxMaD54WMQxysOAZlm7dLkZkrpYqjLX8d2TViNE6Onw02bhA_CGWcOtQ6MiusR9iCG-C6FygiS2Ay57ViVu8wJTAG6PsaGV0Cferx3jCaNAmObUbqttgoH8296og57VQx74ou-dgZnoOpQP3GiOFBzRKLtc2RaBsIwHWtdfRYJ-9KgTDFs9B-04I_Xpn2kitNdSm73e8Kmiq03-3ulnevBW4uKvLOgxNUVS9okZO4q54XVHcBgeaamCcK3JQnTDxEymTcR_Tu5hJJgp90knXoH1PBRE08qLIqk3J1hzM9ka3KO5_WE1dYgqCbHOAdXoCK77NKlBJiNq7IQReLF3Zr46xzknm9dufZJMnTlSe6fp3_zmuuBjJgFVTcY7fDlC13B9xBcuifcaXRm59hMRNW93Z9pFiycOKUahlB5dIZPEmd-HWycvW9cXp3vK-DuMigMLJKLuMElPwRE8z6rALY5ntSC68Nhs9jdSFaESrIQCSmkVeVFY0bLbfY22bkasgeDAuw8WvJc6hDhy_EWINCn6umE4ILJsVQujn9fMllLASUvjHrodb_5FoFbiPRAVir3ceGp5HwY2E-Eqnp0s850VyFJZIuzYEgDLuteAaVRERObFNfCSdj4_GIgE0EQ9AZlckBM2O9qGh9Laezr_GrAi2g8oyjH6Wj5NmTOcmPekEXy1GiiVAFa2yrCEbZzc1lztnR44KVc_mQysGiio-Yy3zZM16ocYcODl3_8cu65CTiku-Xwc_gi1Ph5GTiC-fTlipTkSBsY28xov5hePayrUdEliTO5HJzutPqofYiegC2J-qSyvL1r5SB6k-qE8FmH1s0EUBrTRpUHdPQ6hkyU57_iF6DAHAPUhqV6mMFyJbfl01F1BZxK7UABO-U1EDZJZq4ZvnVg7RKVpz1DvAc8_G_L2iSC9Mhlwf9mTBaKjcKPCycHC4c6pgu8ARmzWIRovp7BOJZr4yvzg3BzmVWt5Usx_7hJgL4Ss52MN2RIXjgkLU8aazSJyC388nspqO_6HylSHqJdfJB_27IYAXeXm96dL0jo8lwgkCq02ESUaikoWd83d5D2v461USuuFOUvLLkBY2uAqkZ0hcjSj5UZ_VVt50jh1grr_l3xlzxjPmShRXIwcHJrTXZUS3v7_itvt_mxqTt_GYYKNhnE3TNRrSfyoh6IiQuPLN9ZAB2IbUb00-sacG7-IlrhXnOn95MaSxl-2TAGBr0WViPR3PNj4t6MVVvkGplHZ3hvN70gy1LSzQuRZ_lYq-BOmiv5Sx8rCIUG6UwAz_zyfsVk1E0qoGURc2xeaoKhArhXfb7_cH90kzJCLAQ552KAIKBSK1pOg3K1wIFJAOLrmYH9mtdrg1ryMmAxtlEMIEGDz-BHZXRn_IxGJw2yuN3TSRO2VomDNeJQOageL1fCmpYBv-NiGlIE3Z2uPon3L_UlFclXEr8X3cK9XD_ZDpcbJqjEsF-qR0M2v3FrwIx9q9TBbZx32i-B_72TSdC52qZm3JKDJP9jreEM6pwwTIs8MI2PNTtrXhNmv1fDWScm_58fkNIkf8mmghxZyiqPJQ_iK7m8q9D3nEekV7fm5OIblpNUHgTYdnQSgJdvChYRWFn_W7L4zHFASI7Dc7CYctBjH1IrPhQzPDNrIqkjH-eWB4hQs35sVpY0HFipblMPnGRtzY9mY4cNKClZwE7KzYOp-NsLDqUKC2wF9HTedqfEDdSeoF3y30pVXW2DhsOZRpRIX2RSuyERXJGtBvLdm5NlV7A3-q7xbXMw1-XxcgopRsGmK5MDSldn0j3LJOOj23rQuY4T66DQHtzToa6a_-Vl-UjEkZ-BBC-UyU8qtZWpsuP9tYspEKIPoWc5lOobOUCr9qevfS0vwn9ERqvJyQGJ1Y8_cr0pBrK6-ELL9eF8IwyvHOtOjcWgS0m2LbFHwr5FZbIeJK5CXigODwpOV0_PwKvvH0Bn9c5C_rGNFimk3y81DQm9QM02LPDwq89rmVVTYFe8HkXxNrYhY_uAuj5irlxbCehQ9wp5H2q_qrvrxPUnyoJaUY7VcaFupAK0XVf6zFBcvyDY0fGAl3bQYD7qS4qB_81REl0tjfkT0GyOh5-tUZIIe0WZ8YW-EzhwH8TQl2L53x7oN7cflzzKN-WamgwmP_A6&cid=CAASEuRo66TT2ZFh9Gr6yDKYl-YUHg&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd6ad8f1977e08865783ce753bf61ebce42cfc6415384d9d6478ba7d6c7a367a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14177
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EA6E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnMTsij-Fq62MVkzwslQx7dooiyiBMiDokL1lwINOi6d8J5wmrQAiOfzimFwNIeqmbjSoQUkRZ5u7LrYVkJ4GxHiHMGowm9IHf-DwaawAw_EXmJ1ydf45VxbBwC_tPZ3EI9UOCMl8uVPcWRXtk6sGFChHjwuayjfU8AS9wF8vlOeB1gOjA1GWFQ-OPx1eoCdmzWMn0vdX9lHYseHhuTrREVWfELLKy2BlyneQmPiObJ15FVeN3xu0KGHX2iOY_-l-f6XvkSqgbj9xADzBXdVaiBMY7JRT4DJQfrMDgbda_oF8802rXMAuFgvW-PKTOYMxBxB8E7QRgLQD69dQ1K5dsrxHGOQq-5QQ8x55j6AKl6_2vFBCXt1rEDg&sig=Cg0ArKJSzP-Qh_xQHKHnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 Jan 2022 13:21:58 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		1 KB
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=tremornet%2CVideology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
617242459354e45035adae7f1ca37ab2518e3afc439cd74dd9e3d3d5d66cf8e1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
adview.htm
rt3002.infolinks.com/action/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt3002.infolinks.com/action/adview.htm?rid=4c961852-8f61-41a2-8ce6-ab1cd85b41b3&bdc=1&midx=0&emd=MTQ3fjE4MjE&rts=1641388918443&prod_t=d&jsv=1771.005-3.025&skin=sidebar&theme=nologo&sdata=credit%20card&scs=pppDFORG_M&rsd=X6UUCcQJXJNQM3MFWbzy1Xlrk0fu9ARSBxOHL254Q8fgclIoQ-mqJB4MDJWW4nfqqyLEmDSkXEAsujq0YWoUGFN90mG5PxThjWVLM4MoTge862CNe5o6iJ7pv5iKt_12t4cjiS8H3aNqk5nZgSo4Nx0n5cGYFFbU&rsk=41&rcs=T5iRun8wcVPeFV5cNF6P-g
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6c8d0344786f8d79-ATL
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
0bd0ad80-8612-4d2d-beb8-355e888ce62e
https://www.bleepingcomputer.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bleepingcomputer.com/0bd0ad80-8612-4d2d-beb8-355e888ce62e
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
dvbs_src_internal101.js
cdn.doubleverify.com/ Frame EA6E 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 09:35:46 GMT
Server
Microsoft-IIS/10.0
ETag
"08517fa16ecd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18088
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A103 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c147dfce401e5e7e2d0f5fa2b9cd2164960e85bb34689f29c770ad353197f659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51887
x-xss-protection
0
server
cafe
etag
9356793789624452229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Jan 2022 13:21:58 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
verify.js
rtb0.doubleverify.com/ Frame 6C9B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_426925925493&jsTagObjCallback=__tagObject_callback_426925925493&num=6&ctx=16221812&cmp=25520275&plc=298833611&sid=6039377&advid=&adsrv=&unit=300x250&isdvvid=&uid=426925925493&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=0&brver=&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=16&fcifrms=26&brh=2&fwc=0&fcl=1041&flt=12&fec=1467&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTauDJ%3F%40%3D%408J%5CH2C%3FD%5C%407%5C%3E2%3DH2C6%5C%3A%3F764E%3A%3F8%5C%3F2D%5C56G%3A46D%5CH%3AE9%5CC2%3FD%40%3EH2C6TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3E&dvp_exetime=6.70&callbackName=__verify_callback_426925925493
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
bd074bc63edb8296f379053322ada9741e6ded26f9fedf7efa8973c5761e80ad

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
keep-alive
Expires
01/04/2022 13:21:58
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5254 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 05 Jan 2022 06:20:52 GMT
expires
Thu, 05 Jan 2023 06:20:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sd
us-u.openx.net/w/1.0/ Frame A267
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBUfwKoeXTyuczfLhYoZGdE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBUfwKoeXTyuczfLhYoZGdE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNWdBGOCBoyfIH7qUsKJ-OF8wFB-Z-LN3HwjbRKnzm8PZPTrPuYXNU9E0F-wKPMrfhP_QOS5Dw3fC4ZESgNeP727PolW9A
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBUfwKoeXTyuczfLhYoZGdE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A267 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNWdBGOCBoyfIH7qUsKJ-OF8wFB-Z-LN3HwjbRKnzm8PZPTrPuYXNU9E0F-wKPMrfhP_QOS5Dw3fC4ZESgNeP727PolW9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A267
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENwqhXZlke0JINgSldkLAbQ&google_cver=1
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENwqhXZlke0JINgSldkLAbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNWdBGOCBoyfIH7qUsKJ-OF8wFB-Z-LN3HwjbRKnzm8PZPTrPuYXNU9E0F-wKPMrfhP_QOS5Dw3fC4ZESgNeP727PolW9A
Protocol
H2
Server
23.195.109.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-109-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 05 Jan 2022 13:21:58 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESENwqhXZlke0JINgSldkLAbQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A267
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTU3YzAwZTEtYjExOC00NjljLTk0OGEtNTk3ZTI2NzAwY2Vm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTU3YzAwZTEtYjExOC00NjljLTk0OGEtNTk3ZTI2NzAwY2Vm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2fDBCVroUCGKr0x6IBMAE&v=APEucNWdBGOCBoyfIH7qUsKJ-OF8wFB-Z-LN3HwjbRKnzm8PZPTrPuYXNU9E0F-wKPMrfhP_QOS5Dw3fC4ZESgNeP727PolW9A
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:58 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTU3YzAwZTEtYjExOC00NjljLTk0OGEtNTk3ZTI2NzAwY2Vm
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Wed, 05 Jan 2022 13:21:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 2D5A 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:21:44 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2D5A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 06:20:52 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		1017 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=Videology%2Cthetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
71a910c68b3e45db2d8ab1e31552f7c5ef0079acb31b6c1176daf6a279b877d8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6ADC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 05 Jan 2022 06:20:52 GMT
expires
Thu, 05 Jan 2023 06:20:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
verify.js
rtb0.doubleverify.com/ Frame EA6E 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_16203641254&jsTagObjCallback=__tagObject_callback_16203641254&num=6&ctx=16221812&cmp=25520275&plc=299071999&sid=6039377&advid=&adsrv=&unit=728x90&isdvvid=&uid=16203641254&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=0&brver=&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=16&fcifrms=26&brh=2&fwc=0&fcl=1041&flt=12&fec=1471&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTauDJ%3F%40%3D%408J%5CH2C%3FD%5C%407%5C%3E2%3DH2C6%5C%3A%3F764E%3A%3F8%5C%3F2D%5C56G%3A46D%5CH%3AE9%5CC2%3FD%40%3EH2C6TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3E&dvp_exetime=6.50&callbackName=__verify_callback_16203641254
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
5ac32db1e4908c5d8e0f1449fe9c0154f8501fa1ce0cec75327fca64d1ac171b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
keep-alive
Expires
01/04/2022 13:21:58
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=womptv2nm&_kpid=9427dd0d-835c-471c-a5db-ab01ae8a681c&_kcp_s=Freestar&_kcp_d=www.bleepingcomputer.com&_knifr=26&_kua_kx_tz=0&geo_country=us&geo_region=ga&geo_dma=524&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=us&_kua_kx_geo_region=ga&_kua_kx_geo_dma=524&_kpa_url_path_1=news&_kpa_url_path_2=security&_kpa_url_path_3=synology-warns-of-malware-infecting-nas-devices-with-ransomware&_kpa_domain=www.bleepingcomputer.com&t_navigation_type=0&t_dns=12&t_tcp=58&t_http_request=-1&t_http_response=32&t_content_ready=9778&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w0q9981bi&userdata_user=OlV_16xc%2Cw0q9981bi&sview=1&kplt0=39860&kplt1=47346&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F9427dd0d-835c-471c-a5db-ab01ae8a681c%2C160%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C744%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C827
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1641388918
x-served-by
beacon-n012-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
syncnoad
partners.tremorhub.com/ Frame 657E 		1015 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=thetradedesk%2Cappnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a7af97e5db5c3c213190d691dcf5bc771a875aa621d6019ed07c1807a099df74

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 6C9B 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=6f04a88c65ca4ae19238d6d44c12a66c&vfdur=110&cbust=1641388918772696
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
01/04/2022 13:21:58
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 6C9B 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=6f04a88c65ca4ae19238d6d44c12a66c&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0511&dvp_acibv=&bsigr=721554505857&cbust=1641388918776874
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
01/04/2022 13:21:58
dcmads.js
www.googletagservices.com/dcm/ Frame 6C9B 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Jan 2022 14:13:10 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ Frame A103 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6373315980741255&plah=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae19ed24c334366c2f9f55d8b536dfeece7c763203a3abb9a6b60d095d3f8dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101723
x-xss-protection
0
server
cafe
etag
2623279988207129644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Jan 2022 13:21:58 GMT
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame EA6E 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=ef8796882fb44af181f050e62533b56f&vfdur=42&cbust=1641388918811644
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
01/04/2022 13:21:58
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame EA6E 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=ef8796882fb44af181f050e62533b56f&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0511&dvp_acibv=&bsigr=721554505857&cbust=1641388918814575
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
01/04/2022 13:21:58
dcmads.js
www.googletagservices.com/dcm/ Frame EA6E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Jan 2022 14:13:10 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		1010 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=appnexus%2Ccentro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5bdbcecd4db015b55f400ba7f10242be2a1b31be3768fab67eb3a42836243ee7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
dvbs_src_internal101.js
cdn.doubleverify.com/ Frame 2D5A 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 09:35:46 GMT
Server
Microsoft-IIS/10.0
ETag
"08517fa16ecd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18088
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B9E2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 05 Jan 2022 06:20:52 GMT
expires
Thu, 05 Jan 2023 06:20:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
impl_v81.js
www.googletagservices.com/dcm/ Frame 6C9B 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 06:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 Dec 2022 06:44:50 GMT
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame 5254 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:06 GMT
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame 6ADC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:06 GMT
impl_v81.js
www.googletagservices.com/dcm/ Frame EA6E 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 06:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 Dec 2022 06:44:50 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		981 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=centro%2CBidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
1b082e323b5ab16f8b26f524909720ac2e8e150e8b37e22dcec5ff06155c8469

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
verify.js
rtb0.doubleverify.com/ Frame 2D5A 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_473618973169&jsTagObjCallback=__tagObject_callback_473618973169&num=6&ctx=16221812&cmp=25520275&plc=299071999&sid=6039377&advid=&adsrv=&unit=728x90&isdvvid=&uid=473618973169&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=96&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=26&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTaubge643f_be25223gbeff7h%602a%60_a36ae%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTauDJ%3F%40%3D%408J%5CH2C%3FD%5C%407%5C%3E2%3DH2C6%5C%3A%3F764E%3A%3F8%5C%3F2D%5C56G%3A46D%5CH%3AE9%5CC2%3FD%40%3EH2C6Tau&dvp_exetime=2.40&callbackName=__verify_callback_473618973169
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
b92db4ab2e721fae21ca1f423a3139aeaf040a4f86cbacf75d3473194774af64

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:58 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
keep-alive
Expires
01/04/2022 13:21:58
syncnoad
partners.tremorhub.com/ Frame 657E 		955 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=Bidswitch%2CSundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
59d778bb5ab851fd1535230b89f064235606fb4ef01bc51a348d1db999ef3be1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
integrator.js
adservice.google.com/adsid/ Frame A103 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6373315980741255&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 646B 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6373315980741255&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
499661a3d6856aa2c768157773db797c3a19fdeb849d8f3c17900017dc3810c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 05 Jan 2022 13:21:59 GMT
server
cafe
content-length
7806
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B9689862.280410797;dc_ver=81.236;sz=300x250;u_sd=1;nel=1;dc_adk=1386922168;ord=ljw95a;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fww...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 6C9B 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=81.236;sz=300x250;u_sd=1;nel=1;dc_adk=1386922168;ord=ljw95a;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F$0;xdt=0;crlt=*RusAG4VJQ;sttr=113;prcl=s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
99a58af9f28e81ddda237d0db14f1e4a2a9d41aa330e87db2eaf9249acd82236
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23629
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;nel=1;dc_adk=10605431;ord=hlaxa6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.b...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame EA6E 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;nel=1;dc_adk=10605431;ord=hlaxa6;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F$0;xdt=0;crlt=*RusAG4VJQ;sttr=105;prcl=s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
238b8e686268cf873e4200fb29f41a2edc327ed23272294b4e7082960743a855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23688
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame B9E2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:06 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		946 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=SundaySky%2Cdynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
665bcd3188471e35131aeb6d34b908d35d6ab94038def716688ca830c140ae49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 2D5A 		0
305 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=ab5b72b441af4820a284147077bc6e55&vfdur=45&cbust=1641388919046630
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:59 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
01/04/2022 13:21:59
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 2D5A 		0
305 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=ab5b72b441af4820a284147077bc6e55&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0511&dvp_acibv=&bsigr=128&cbust=1641388919048932
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:59 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
01/04/2022 13:21:59
dcmads.js
www.googletagservices.com/dcm/ Frame 2D5A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Jan 2022 14:13:10 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		984 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=dynadmic%2Cmediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
bbc299a5a1d5b540985c92596c26419800e1c11cfe9c54af06baa4fc82912c0e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
impl_v81.js
www.googletagservices.com/dcm/ Frame 2D5A 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 06:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 Dec 2022 06:44:50 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		992 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=mediamath%2CBidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
28f082e50a6e97d7107626f1b1760b849dbe97c9e07260fa35c90d4f87cca026

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 6C9B 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jan 2022 06:25:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 6C9B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:17:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6C9B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 06:20:52 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4B2E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=107016
expires
Thu, 06 Jan 2022 19:05:35 GMT
date
Wed, 05 Jan 2022 13:21:59 GMT
vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 67B9 		0
61 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.552466&kaxefact=0.552466&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1641388914&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.581543&dcId=2&tldId=59673386&passback=0&svr=BID88404U&adsver=_27888023&adsabzcid=0&cls=BID&ekefact=cpvVYWi8CwD8mX3UNwZiJ4fYC5IBw99tmNuQXzMb81oOWu7g&ekaxefact=cpvVYXi8CwCdeBnVbVF9HpVHx2qjz6TE6aTytYRfrqCUbkgr&ekpbmtpfact=cpvVYYW8CwBLuMDjV1DD1aApkoMMbmxSadV3fOjXefupJ-PO&enpp=cpvVYZC8CwBwZB-EIKxjv1w7qS17IC70CooAS2ZOfiW72_Si&pfi=1&domId=7543222089094626466&dc=NYC3&pubBuyId=2866&crID=340943234&lpu=norton.com&ucrid=15079233382529498178&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=200637&wDspId=80&wbId=9&wrId=0&wAdvID=4502&wDspCampId=15627445824&isRTB=1&rtbId=8A3ABEA7-9990-4083-9186-3F8A76B69D77&imprId=F32CBB80-F3E5-49BF-8700-753BED3EE9E4&oid=F32CBB80-F3E5-49BF-8700-753BED3EE9E4&cntryId=232&domain=bleepingcomputer.com&sec=1&pAuSt=3&wops=0&sURL=bleepingcomputer.com&BrID=5
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

content-type
text/html
content-length
0
date
Wed, 05 Jan 2022 13:21:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C9B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame EA6E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jan 2022 06:25:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame EA6E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:17:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EA6E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 06:20:52 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8E3F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=107016
expires
Thu, 06 Jan 2022 19:05:35 GMT
date
Wed, 05 Jan 2022 13:21:59 GMT
vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 99D1 		0
61 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325177&adType=10&adServerId=243&kefact=0.552466&kaxefact=0.552466&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1641388914&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.581543&dcId=2&tldId=59673386&passback=0&svr=BID88963U&adsver=_27888023&adsabzcid=0&cls=BID&ekefact=cpvVYUjkCgDpqcbc0Y0pWGE51vQpQ_0SvTD6_19RiRqXuzZJ&ekaxefact=cpvVYVLkCgB9MlhmH7c02rc5A1Ap0OIFQ7ux-mRsksf6o3VR&ekpbmtpfact=cpvVYVvkCgA1ImyDV0kcZ-gam_JLvAwNMhWi4QVWoYmpUfAs&enpp=cpvVYWTkCgCyPGcEKzYK7frQF1C3ZXAKtXqmXx8rzD7Gf1in&pfi=1&domId=7543222089094626466&dc=NYC3&pubBuyId=2866&crID=340916778&lpu=norton.com&ucrid=14207779116381661102&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=200637&wDspId=80&wbId=7&wrId=0&wAdvID=4502&wDspCampId=15627445824&isRTB=1&rtbId=B01DB8A8-C0C0-4BAD-8A43-BAD2849EB6E0&imprId=ACCD3783-1E2E-42F0-AC10-10B19CAAA3D4&oid=ACCD3783-1E2E-42F0-AC10-10B19CAAA3D4&cntryId=232&domain=bleepingcomputer.com&sec=1&pAuSt=3&wops=0&sURL=bleepingcomputer.com&BrID=5
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

content-type
text/html
content-length
0
date
Wed, 05 Jan 2022 13:21:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA6E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:59 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		914 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=BidTheatre%2Cbeeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
359ae4e2c4018170f1ade1113041fed541dd72c7dd5e4feaa765fd6490fa3109

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=2013371622;ord=1te593;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.bleep...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 2D5A 		58 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=2013371622;ord=1te593;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=J9V2c6E.h7;sttr=260;prcl=s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
97f1eb201e8f22c380eca564ab77a91ea1d8aae955401f405313f6ef399bc17e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23736
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		938 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=beeswax%2CTapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
84c14e7c3d709578cead982cd8aec7f31a6974705bb0ce8d57800e6b1a6ed79d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
dvtp_src.js
cdn.doubleverify.com/ Frame 6C9B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&num=&adid=&advid=2276943&adsrv=1&btreg=512701624&btadsrv=doubleclick&crt=159204078&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e6579bf2dcea73c6baa50d7b8a995644cfd6f071711e52b0bd6b71659052f86b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 08:34:50 GMT
Server
Microsoft-IIS/10.0
ETag
"031831af2d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3291
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C9B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:59 GMT
index.html
s0.2mdn.net/sadbundle/9207558426631077888/ Frame 0AFA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9207558426631077888/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64df6be83710a92cda3d19adabb16fe84dc5080c8b678bfb7a252c6e89490af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2383
date
Fri, 31 Dec 2021 16:55:08 GMT
expires
Sat, 31 Dec 2022 16:55:08 GMT
last-modified
Mon, 04 Oct 2021 14:28:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
419211
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 6C9B 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkZO2nzD29vOXJZA-QUZxwrXfsSD6H8o1u59v_7C64WpehmX0CMSlY10r7FUJlsbNh9eS9SwMe9S14LiVOUzaaF71284G5i8JeLtEuqIpUHy8Qs2gEGuuZKvkwBQp0t8itvvR8ynkQ5gRdbMousDvGgWfiWm1aeg&sig=Cg0ArKJSzB0c6bOR8KzJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=243&cbvp=1&cstd=235&cisv=r20211207.89861&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 646B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DyegF6FW1pMp4PgJ7dRfk1O2DPRF2b1z_nAdzH3iXut_SBLgG6JkjTJfhaLeATs7ktOtUa5nbcbwzAbhHol_J-8Agrx1b73LwVgHVa5OciUgwXr3k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 646B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:20:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 646B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 646B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:13:40 GMT
l
www.google.com/ads/measurement/ Frame 646B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPSxXfmfdWMINefio3mtGeXhzLavkatzmx2IgllI856e3LD3yysRrVScYhiB1to8i-PVRi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
truncated
/ Frame 6C9B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f34936804ef87d38cb3da7083afff8da1790ce4c4835fb14ce19faf2a902d54

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
dvtp_src.js
cdn.doubleverify.com/ Frame EA6E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=512638494&btadsrv=doubleclick&crt=159933955&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e6579bf2dcea73c6baa50d7b8a995644cfd6f071711e52b0bd6b71659052f86b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 08:34:50 GMT
Server
Microsoft-IIS/10.0
ETag
"031831af2d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3291
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA6E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:59 GMT
adc_RET_makemoney_728x90_HTML5.html
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/ Frame D676 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d847e0ca1de72e6ea6ee76f6e0b1d691f70bb32779d3b2f0bbcd7ec4a4d4d014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2210
date
Thu, 30 Dec 2021 18:08:30 GMT
expires
Fri, 30 Dec 2022 18:08:30 GMT
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
501209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame EA6E 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuf58GHBkkGyEBQTrBm5zqvsssoCSGYvL9zUHDJ3XpBn_eLtfddTPh9Ice3VXIKzmHlatj5Q25HPpekuPurug0tmSWzkIzublLQZEQnVve9CVbNb81fl-mys5dNr2mTusIHTiUcDnCxM44w-KDKpqZBKSJDGJmAmg&sig=Cg0ArKJSzHL8m3u4PNWbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=201&cbvp=1&cstd=194&cisv=r20211207.76981&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame EA6E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0515e210250b4b8612a48d41591265c31a194b2441b462f7fe293da28a2776f4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame 4B2E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66085788&p=156696&s=269885&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6ae2348b4cf656920a059aaf921a6bd86822a9fb063930211736fa81e75c8311

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1693
content-type
text/html; charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		1 KB
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=TapAd%2Cadgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a4fd61571410d4c8ca709d921b3b86b9c9e944d3d0459a482195bd83e18be21e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5854 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQiP--vQIYmsmRvQEwAQ&v=APEucNXT1HQbnSoPc6X4DMVFIiNokqRp8hShF05iK3krlSRxFakuKTMenK8COvEMK_iqlAx90vSSUYvXjTZ17V_sfsWthRiBqA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 05 Jan 2022 13:21:59 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 646B 		51 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxu8PmAM7ibnhe0NNELWNoPhUVyEgd_MLA740RImQXAhKQymFD_tpDlu5CbUgaILElKhyR0DDI-sLWWmrdweN99APbU4nrF9vsrkTmkQFPUymKsFe8va1r4T36SDWuizM79vlMXG-i2Ls-6CKu9b8GpVnHUg&dbm_d=AKAmf-C6IyQlVqdXPfR6kCp947aOue4APLuEwKDRdSoJoNweSnkp1uWKlJjS8QXdLtBZRTR-hg5D6FEeiQt6ZXKsU9_9ROkKo327_iKcE2iSa4opFXinh2Kk9paEPpV27wETQTG_k4sGEjIvjihoyxILwUF2rdD1HUqGPD38gtDCFi7jbrV9w9x7dCSAWSr8gjcapHgUSAaKBW8zrAscZXOO9xic2yuIdt-80nO8FVp38GfE-KN8KIxPLVcnwv0ABbXSkWgSvpPuO7xs0wuVZk_Dluy2zi86zxnBAj4PcQtH5QCCjIrFs4cVSjs9Dy-XWI7Mm0WmSQKAqLON3gs4XbMhzkGqsptBnW4TeDhOnBcOr1KiEhtIRI0B2y59iSmjR6042OxCslJq-b6risudumfsmG6_uvj5YqlCzmvZXZ7N3FmTk1sz0ZagcRu6VRPmy-oqm7ldY0jtgp4IWzK8-Po8wQAv7lZyQVnDlwv2Lb5VXU_MR0125Bp-7hbrB7DYeNWJHNgUHjhnJ2C6uE3HCvfTtli_-e8s04RwmpaX9IjayVx4hBf_W3ggnxPlMixgjjeaoKTt8f50hgB1vcfEnM82AL1Bv2SxavYl0NEAmrQmO5vddrMbykf-8V6yJuSlTW4vDmzPAc8xybzepkpFdlnxeH1uQwz-gaeHfdVYocLFc0ieXqOLZJ6WLjAqLV677IDkWdrdvGDq-X9m7X6Tte6j9hImu_9Gk55LqhzyKTMpSK4JvvCPiNTyMwEGf9ZQQf5mVz-_mkKy3REFCOTnSrplygvhyQyRI-Uzf2W0V8LMxZrv2H9vaP9WvEXaGwPVC_ynmcNraKQsuWON1m99LW9AcK49fb6Dmo8ggnySvLd-rnSITYbZJ12FoUkMXddxsRq1oVotaHWcDbFo8UrWZNkGblgJogz_rnayVYa6lcS6j78Sn5eCnnDMoO0JCqUks3fWWasY61QkfpMEzbZ25JoTPVLKEYlwDVwMAKmjHjbM-sXIfiGIWa65pcnkGg2MgHJKC2S80TMSJwOWpl8VLn6O0Vs4JO7Xy6Ai1twXicrpmEfQ88o6os6cNqRVc0sVlNJ6NF1ucoA5BJox9mfAxlWIFG7r1cmEZV6lqKaKalCih02DbBs-DmZGsQMVTNTQQIdg7Q2tg2FHuumd97njwtzhtbJX9YJBJXwgC4O3bvdh-bJCOFV366UHlhUSdo54qToborrwE4NGR3MOUkGj-HN8KmrjAz5POVcETBkSzZpsvtmP7CGPLnamOu295GbWcxdTyZCjG88XdglSa4HGsY2pk1BWffR1NIKDWKrxCBufM2a5C7CeVnCxzp6VKIc5HdyNDLMzscvCW6A_quf1zNM2r3qyomo_GDfqCPr5AaD3XmSDwPqiLqus5UawjM_vRNN3DIrlEHKGTnsGKifVxWNaYj21qt_0D0WzRAzAed4QyqEPjLTveGKYUNLwsgKULeIMjtWb98Lh1vwoHCVxBI1CsccKY3YwwDg05HJzRii2kn1nDjko4ZvR4PrFcS-BXZFb94VtoTXqjRDfGHcB7effsdKa1-Bs-FO8CJJmoyPXMdnF9t0YriO3nUTd5wnYKt36jC5EdUu6yideqQtpOhE9KF2Whgg5iEm5er8eAd_Of25OgU5u_NsR7U9Sw9P9IKIRl2FaV1_B-mpa2E0kQMVo5A6Ej2-eGHFcgtWRLdqgW18anFxO73mcXu9fweOiiSdsDxzSw2jfW2xV9mG9jvZhZTMedf_9xBy_gxUVJC0O_OEX2udccWGU6EIa4NjQXExq-6ToZcIPIyOMbPkry0BCQzVsmuOgaCSyISIXzBP_nEzjZjOXnW2Cchy6TxTeFISNuhDzFbFEqKZ0me7lk15UqysiV_0ELkG4tRY3q1mgvkZmFlbAwZ2xAKKjBQrv_TvOdyAh27vuFqfdKt70JkUZvAvs8LF9Dv7x3TTecomP2GbxZHK7tiSxkhNBo_cb808t2COGxBsIqojR6DpTuXOIYx4kuUe4OAo544_7hnHOrESCsHS8-xY-I2Oxne_yn-cvTz1uUZg9v3KeDrdwbSBEVodAgRm0X5btHVdVHGbG3ANYkQVWzFL-029rspAW0EwC9f__Y44X1Qo1xDnZoMw3lqGpipvEx0FcsSZGUgnzrP9Zbr_Kt7oH_ZaqorN3PnIVlJC8-OZSsOCeW-ZMOXEJXYF9aNCpQjRmQryk17QRNZJHUNIgw2wMQ0uIYsCuG0zuPp2zgj3vQ1fHwxCAWeS_SVdgQo-4RbRDHjqlDybLrgfXiscXkpAaZOsFUB655v3yYWjLJ7nJ3RjtUOTfyqhhTT8I1Z9Gv-xTwBIpk5aaNz6KLANgzNEGrZ3UHrF-WcbqSkaSAm3Sfy2FNDX9tf2PJygk-P-2oj4XK2u6QFzn8QwvpVRjwRdqi2CzCGnn5l7KYfgHOhdPVwSNeBoIRrsBkACt9jsqgtz7C_dCnD1oU4Q63viSRzGsicsx03ihCxT5eJRVVBZgvxAxOtHN9A3e_ptvM1UbKNzSmKoBEL0dvq-7oeme3XFLeoabY2_iE0eACwnVhc0OuZ3odSktEY_fa877H7GP0HO4VAnyHA0Fr8UAaK4XjVVton7ItJ8T7IqzvB4xyHUWy9q-Z5fV82RJQFjWOZguktqzN6QLRqVUc3ogpRmnPPiW5sAZd9zlXi3uzas2hG6A-WKDp5Qn8j7egtGuImodAbQVXvs2BMzSbUlcRXF1Lmu9gkWVbQ5EbZ__UOdoAX9DkEG7R3oR4PsI6O67uDM2OC4chC3Wm2GPHjXyEjGJSexDelfWLrs49K-rgv0WZj5CBCEYbnzpHpXv4d6TxA1qasxT6lHjF_8rLmPCeWWnlMn6OHTfZQVIFyhJ2SdTAtOMywN2KO1crAu8JF06PMcU7T8PIuxK9tp79Jd88MM--XPcfhRUehXlnIOv1OY8Q47dUu7T87ddZMN9hHq1tXWR7Zpl1L1IB9W9oSDTeh2ZszFDfkA2rQ787L4SKNCZzz0N4oP9qBtX1pylKET1DtNonSWXWpjFXWpw3UH2i4ovPCp-ZCpOhuKdqQT0aPPZJkebdADF5dcpPpdqapdBZdzvOkY1jWuuUCGApiwoiXlZeHpLdL2oT-akeG87PRkIxP5ucV3ZH7V5ehBnv50zPznXQQ&cid=CAASPeRoGy6oE2O4B29GNBNvo33ij6OInu0INIO5xG7AvOw-qqXjVCZZ5uQDgQ9fIrIPcpYZ4T_Tr3UgS8HCsRs&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-6373315980741255%2526output%253Dhtml%2526h%253D90%2526slotname%253D2794737922%2526adk%253D1445061518%2526adf%253D2751418289%2526pi%253Dt.ma~as.2794737922%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526ea%253D0%2526flash%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%2526dt%253D1641388918798%2526bpp%253D6%2526bdt%253D251%2526idt%253D153%2526shv%253Dr20211207%2526mjsv%253Dm202112060101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3472069565444%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D164916553.1641388919%2526ga_sid%253D1641388919%2526ga_hid%253D1631956608%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D437%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D31063752%2526oid%253D2%2526pvsid%253D1834629454140320%2526pem%253D645%2526tmod%253D697%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526eae%253D2%2526fc%253D896%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.k3il0qvc8dj7%2526fsb%253D1%2526dtd%253D167%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de288483797bef7622c4eb1c2e66860067fab0da7ddc661d4baa9ccb0001dbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=2751418289&pi=t.ma~as.2794737922&w=728&rdp=false&psa=0&format=728x90&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&ea=0&flash=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3Dd_IL_INSEARCH&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641388918798&bpp=6&bdt=251&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&correlator=3472069565444&frm=23&ife=1&pv=2&ga_vid=164916553.1641388919&ga_sid=1641388919&ga_hid=1631956608&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1112&biw=1600&bih=1200&isw=728&ish=90&ifk=2121387315&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1834629454140320&pem=645&tmod=697&loc=EMPTY&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k3il0qvc8dj7&fsb=1&dtd=167
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24761
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7E41 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 05 Jan 2022 06:20:52 GMT
expires
Thu, 05 Jan 2023 06:20:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 88C6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 05 Jan 2022 06:20:52 GMT
expires
Thu, 05 Jan 2023 06:20:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2D5A 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
Origin
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jan 2022 06:25:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 2D5A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:17:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2D5A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 06:20:52 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		895 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=adgear%2CPulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
c24525fed8c7bdaaded0838f195c025788f8e848f0833f774b418499770d8844

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 9CFF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv194NA4gEwretDSMYkKPQ57CZlj9rN1pq1DpV2dlaUaYsOjarksDM2DgzcYms7qH_YZbY7thhmjxpqUob978A189uLNoDS9pDvv6zeopoOKZ-rMo8&sai=AMfl-YTamYdjCYYeGnGlJTwfXUeah0-UiJyQzUA_vyhtqE5MSo3O8KZOyWhDWSuPEkct8ToIm8qaAU5kyI7gWhtPajcZ2gFQHdk96wQwGpKxaajNO622MyzhA8LMuM4y&sig=Cg0ArKJSzP6XNG1oq8FXEAE&cid=CAASFeRoquJ2Z97tU2m2EQXXp42cNmhnaw&id=ampim&o=436,226&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1044&mtos=0,0,1044,1044,1044&tos=0,0,1044,0,0&tfs=1074&tls=2118&g=100&h=100&tt=2118&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=960084856
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv-measurements1971.js
cdn.doubleverify.com/ Frame B6F9 		499 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1971.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
25ef3aec431c864ade6adfd215691bdf0a9feee7e2707342833660d7b8784f4e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 12:50:51 GMT
Server
Microsoft-IIS/10.0
ETag
"807f8b3691d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93545
dv-measurements1971.js
cdn.doubleverify.com/ Frame D337 		499 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1971.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
25ef3aec431c864ade6adfd215691bdf0a9feee7e2707342833660d7b8784f4e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 12:50:51 GMT
Server
Microsoft-IIS/10.0
ETag
"807f8b3691d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93545
st
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:21:58 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C098 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 04 Jan 2022 19:21:13 GMT
expires
Wed, 05 Jan 2022 19:21:13 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
64846
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2D5A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd76ff2389dd1eaa9f18dd3d809ee4c7f1582568864c27d881241649077e9e2c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 646B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxu8PmAM7ibnhe0NNELWNoPhUVyEgd_MLA740RImQXAhKQymFD_tpDlu5CbUgaILElKhyR0DDI-sLWWmrdweN99APbU4nrF9vsrkTmkQFPUymKsFe8va1r4T36SDWuizM79vlMXG-i2Ls-6CKu9b8GpVnHUg&dbm_d=AKAmf-C6IyQlVqdXPfR6kCp947aOue4APLuEwKDRdSoJoNweSnkp1uWKlJjS8QXdLtBZRTR-hg5D6FEeiQt6ZXKsU9_9ROkKo327_iKcE2iSa4opFXinh2Kk9paEPpV27wETQTG_k4sGEjIvjihoyxILwUF2rdD1HUqGPD38gtDCFi7jbrV9w9x7dCSAWSr8gjcapHgUSAaKBW8zrAscZXOO9xic2yuIdt-80nO8FVp38GfE-KN8KIxPLVcnwv0ABbXSkWgSvpPuO7xs0wuVZk_Dluy2zi86zxnBAj4PcQtH5QCCjIrFs4cVSjs9Dy-XWI7Mm0WmSQKAqLON3gs4XbMhzkGqsptBnW4TeDhOnBcOr1KiEhtIRI0B2y59iSmjR6042OxCslJq-b6risudumfsmG6_uvj5YqlCzmvZXZ7N3FmTk1sz0ZagcRu6VRPmy-oqm7ldY0jtgp4IWzK8-Po8wQAv7lZyQVnDlwv2Lb5VXU_MR0125Bp-7hbrB7DYeNWJHNgUHjhnJ2C6uE3HCvfTtli_-e8s04RwmpaX9IjayVx4hBf_W3ggnxPlMixgjjeaoKTt8f50hgB1vcfEnM82AL1Bv2SxavYl0NEAmrQmO5vddrMbykf-8V6yJuSlTW4vDmzPAc8xybzepkpFdlnxeH1uQwz-gaeHfdVYocLFc0ieXqOLZJ6WLjAqLV677IDkWdrdvGDq-X9m7X6Tte6j9hImu_9Gk55LqhzyKTMpSK4JvvCPiNTyMwEGf9ZQQf5mVz-_mkKy3REFCOTnSrplygvhyQyRI-Uzf2W0V8LMxZrv2H9vaP9WvEXaGwPVC_ynmcNraKQsuWON1m99LW9AcK49fb6Dmo8ggnySvLd-rnSITYbZJ12FoUkMXddxsRq1oVotaHWcDbFo8UrWZNkGblgJogz_rnayVYa6lcS6j78Sn5eCnnDMoO0JCqUks3fWWasY61QkfpMEzbZ25JoTPVLKEYlwDVwMAKmjHjbM-sXIfiGIWa65pcnkGg2MgHJKC2S80TMSJwOWpl8VLn6O0Vs4JO7Xy6Ai1twXicrpmEfQ88o6os6cNqRVc0sVlNJ6NF1ucoA5BJox9mfAxlWIFG7r1cmEZV6lqKaKalCih02DbBs-DmZGsQMVTNTQQIdg7Q2tg2FHuumd97njwtzhtbJX9YJBJXwgC4O3bvdh-bJCOFV366UHlhUSdo54qToborrwE4NGR3MOUkGj-HN8KmrjAz5POVcETBkSzZpsvtmP7CGPLnamOu295GbWcxdTyZCjG88XdglSa4HGsY2pk1BWffR1NIKDWKrxCBufM2a5C7CeVnCxzp6VKIc5HdyNDLMzscvCW6A_quf1zNM2r3qyomo_GDfqCPr5AaD3XmSDwPqiLqus5UawjM_vRNN3DIrlEHKGTnsGKifVxWNaYj21qt_0D0WzRAzAed4QyqEPjLTveGKYUNLwsgKULeIMjtWb98Lh1vwoHCVxBI1CsccKY3YwwDg05HJzRii2kn1nDjko4ZvR4PrFcS-BXZFb94VtoTXqjRDfGHcB7effsdKa1-Bs-FO8CJJmoyPXMdnF9t0YriO3nUTd5wnYKt36jC5EdUu6yideqQtpOhE9KF2Whgg5iEm5er8eAd_Of25OgU5u_NsR7U9Sw9P9IKIRl2FaV1_B-mpa2E0kQMVo5A6Ej2-eGHFcgtWRLdqgW18anFxO73mcXu9fweOiiSdsDxzSw2jfW2xV9mG9jvZhZTMedf_9xBy_gxUVJC0O_OEX2udccWGU6EIa4NjQXExq-6ToZcIPIyOMbPkry0BCQzVsmuOgaCSyISIXzBP_nEzjZjOXnW2Cchy6TxTeFISNuhDzFbFEqKZ0me7lk15UqysiV_0ELkG4tRY3q1mgvkZmFlbAwZ2xAKKjBQrv_TvOdyAh27vuFqfdKt70JkUZvAvs8LF9Dv7x3TTecomP2GbxZHK7tiSxkhNBo_cb808t2COGxBsIqojR6DpTuXOIYx4kuUe4OAo544_7hnHOrESCsHS8-xY-I2Oxne_yn-cvTz1uUZg9v3KeDrdwbSBEVodAgRm0X5btHVdVHGbG3ANYkQVWzFL-029rspAW0EwC9f__Y44X1Qo1xDnZoMw3lqGpipvEx0FcsSZGUgnzrP9Zbr_Kt7oH_ZaqorN3PnIVlJC8-OZSsOCeW-ZMOXEJXYF9aNCpQjRmQryk17QRNZJHUNIgw2wMQ0uIYsCuG0zuPp2zgj3vQ1fHwxCAWeS_SVdgQo-4RbRDHjqlDybLrgfXiscXkpAaZOsFUB655v3yYWjLJ7nJ3RjtUOTfyqhhTT8I1Z9Gv-xTwBIpk5aaNz6KLANgzNEGrZ3UHrF-WcbqSkaSAm3Sfy2FNDX9tf2PJygk-P-2oj4XK2u6QFzn8QwvpVRjwRdqi2CzCGnn5l7KYfgHOhdPVwSNeBoIRrsBkACt9jsqgtz7C_dCnD1oU4Q63viSRzGsicsx03ihCxT5eJRVVBZgvxAxOtHN9A3e_ptvM1UbKNzSmKoBEL0dvq-7oeme3XFLeoabY2_iE0eACwnVhc0OuZ3odSktEY_fa877H7GP0HO4VAnyHA0Fr8UAaK4XjVVton7ItJ8T7IqzvB4xyHUWy9q-Z5fV82RJQFjWOZguktqzN6QLRqVUc3ogpRmnPPiW5sAZd9zlXi3uzas2hG6A-WKDp5Qn8j7egtGuImodAbQVXvs2BMzSbUlcRXF1Lmu9gkWVbQ5EbZ__UOdoAX9DkEG7R3oR4PsI6O67uDM2OC4chC3Wm2GPHjXyEjGJSexDelfWLrs49K-rgv0WZj5CBCEYbnzpHpXv4d6TxA1qasxT6lHjF_8rLmPCeWWnlMn6OHTfZQVIFyhJ2SdTAtOMywN2KO1crAu8JF06PMcU7T8PIuxK9tp79Jd88MM--XPcfhRUehXlnIOv1OY8Q47dUu7T87ddZMN9hHq1tXWR7Zpl1L1IB9W9oSDTeh2ZszFDfkA2rQ787L4SKNCZzz0N4oP9qBtX1pylKET1DtNonSWXWpjFXWpw3UH2i4ovPCp-ZCpOhuKdqQT0aPPZJkebdADF5dcpPpdqapdBZdzvOkY1jWuuUCGApiwoiXlZeHpLdL2oT-akeG87PRkIxP5ucV3ZH7V5ehBnv50zPznXQQ&cid=CAASPeRoGy6oE2O4B29GNBNvo33ij6OInu0INIO5xG7AvOw-qqXjVCZZ5uQDgQ9fIrIPcpYZ4T_Tr3UgS8HCsRs&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-6373315980741255%2526output%253Dhtml%2526h%253D90%2526slotname%253D2794737922%2526adk%253D1445061518%2526adf%253D2751418289%2526pi%253Dt.ma~as.2794737922%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526ea%253D0%2526flash%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%2526dt%253D1641388918798%2526bpp%253D6%2526bdt%253D251%2526idt%253D153%2526shv%253Dr20211207%2526mjsv%253Dm202112060101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3472069565444%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D164916553.1641388919%2526ga_sid%253D1641388919%2526ga_hid%253D1631956608%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D437%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D31063752%2526oid%253D2%2526pvsid%253D1834629454140320%2526pem%253D645%2526tmod%253D697%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526eae%253D2%2526fc%253D896%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.k3il0qvc8dj7%2526fsb%253D1%2526dtd%253D167%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:21:44 GMT
Long_term_copy_Portfolio_1411_V2_728x90_JPEG_2852_EN_UK.jpg
s0.2mdn.net/9944765/ Frame 646B 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9944765/Long_term_copy_Portfolio_1411_V2_728x90_JPEG_2852_EN_UK.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxu8PmAM7ibnhe0NNELWNoPhUVyEgd_MLA740RImQXAhKQymFD_tpDlu5CbUgaILElKhyR0DDI-sLWWmrdweN99APbU4nrF9vsrkTmkQFPUymKsFe8va1r4T36SDWuizM79vlMXG-i2Ls-6CKu9b8GpVnHUg&dbm_d=AKAmf-C6IyQlVqdXPfR6kCp947aOue4APLuEwKDRdSoJoNweSnkp1uWKlJjS8QXdLtBZRTR-hg5D6FEeiQt6ZXKsU9_9ROkKo327_iKcE2iSa4opFXinh2Kk9paEPpV27wETQTG_k4sGEjIvjihoyxILwUF2rdD1HUqGPD38gtDCFi7jbrV9w9x7dCSAWSr8gjcapHgUSAaKBW8zrAscZXOO9xic2yuIdt-80nO8FVp38GfE-KN8KIxPLVcnwv0ABbXSkWgSvpPuO7xs0wuVZk_Dluy2zi86zxnBAj4PcQtH5QCCjIrFs4cVSjs9Dy-XWI7Mm0WmSQKAqLON3gs4XbMhzkGqsptBnW4TeDhOnBcOr1KiEhtIRI0B2y59iSmjR6042OxCslJq-b6risudumfsmG6_uvj5YqlCzmvZXZ7N3FmTk1sz0ZagcRu6VRPmy-oqm7ldY0jtgp4IWzK8-Po8wQAv7lZyQVnDlwv2Lb5VXU_MR0125Bp-7hbrB7DYeNWJHNgUHjhnJ2C6uE3HCvfTtli_-e8s04RwmpaX9IjayVx4hBf_W3ggnxPlMixgjjeaoKTt8f50hgB1vcfEnM82AL1Bv2SxavYl0NEAmrQmO5vddrMbykf-8V6yJuSlTW4vDmzPAc8xybzepkpFdlnxeH1uQwz-gaeHfdVYocLFc0ieXqOLZJ6WLjAqLV677IDkWdrdvGDq-X9m7X6Tte6j9hImu_9Gk55LqhzyKTMpSK4JvvCPiNTyMwEGf9ZQQf5mVz-_mkKy3REFCOTnSrplygvhyQyRI-Uzf2W0V8LMxZrv2H9vaP9WvEXaGwPVC_ynmcNraKQsuWON1m99LW9AcK49fb6Dmo8ggnySvLd-rnSITYbZJ12FoUkMXddxsRq1oVotaHWcDbFo8UrWZNkGblgJogz_rnayVYa6lcS6j78Sn5eCnnDMoO0JCqUks3fWWasY61QkfpMEzbZ25JoTPVLKEYlwDVwMAKmjHjbM-sXIfiGIWa65pcnkGg2MgHJKC2S80TMSJwOWpl8VLn6O0Vs4JO7Xy6Ai1twXicrpmEfQ88o6os6cNqRVc0sVlNJ6NF1ucoA5BJox9mfAxlWIFG7r1cmEZV6lqKaKalCih02DbBs-DmZGsQMVTNTQQIdg7Q2tg2FHuumd97njwtzhtbJX9YJBJXwgC4O3bvdh-bJCOFV366UHlhUSdo54qToborrwE4NGR3MOUkGj-HN8KmrjAz5POVcETBkSzZpsvtmP7CGPLnamOu295GbWcxdTyZCjG88XdglSa4HGsY2pk1BWffR1NIKDWKrxCBufM2a5C7CeVnCxzp6VKIc5HdyNDLMzscvCW6A_quf1zNM2r3qyomo_GDfqCPr5AaD3XmSDwPqiLqus5UawjM_vRNN3DIrlEHKGTnsGKifVxWNaYj21qt_0D0WzRAzAed4QyqEPjLTveGKYUNLwsgKULeIMjtWb98Lh1vwoHCVxBI1CsccKY3YwwDg05HJzRii2kn1nDjko4ZvR4PrFcS-BXZFb94VtoTXqjRDfGHcB7effsdKa1-Bs-FO8CJJmoyPXMdnF9t0YriO3nUTd5wnYKt36jC5EdUu6yideqQtpOhE9KF2Whgg5iEm5er8eAd_Of25OgU5u_NsR7U9Sw9P9IKIRl2FaV1_B-mpa2E0kQMVo5A6Ej2-eGHFcgtWRLdqgW18anFxO73mcXu9fweOiiSdsDxzSw2jfW2xV9mG9jvZhZTMedf_9xBy_gxUVJC0O_OEX2udccWGU6EIa4NjQXExq-6ToZcIPIyOMbPkry0BCQzVsmuOgaCSyISIXzBP_nEzjZjOXnW2Cchy6TxTeFISNuhDzFbFEqKZ0me7lk15UqysiV_0ELkG4tRY3q1mgvkZmFlbAwZ2xAKKjBQrv_TvOdyAh27vuFqfdKt70JkUZvAvs8LF9Dv7x3TTecomP2GbxZHK7tiSxkhNBo_cb808t2COGxBsIqojR6DpTuXOIYx4kuUe4OAo544_7hnHOrESCsHS8-xY-I2Oxne_yn-cvTz1uUZg9v3KeDrdwbSBEVodAgRm0X5btHVdVHGbG3ANYkQVWzFL-029rspAW0EwC9f__Y44X1Qo1xDnZoMw3lqGpipvEx0FcsSZGUgnzrP9Zbr_Kt7oH_ZaqorN3PnIVlJC8-OZSsOCeW-ZMOXEJXYF9aNCpQjRmQryk17QRNZJHUNIgw2wMQ0uIYsCuG0zuPp2zgj3vQ1fHwxCAWeS_SVdgQo-4RbRDHjqlDybLrgfXiscXkpAaZOsFUB655v3yYWjLJ7nJ3RjtUOTfyqhhTT8I1Z9Gv-xTwBIpk5aaNz6KLANgzNEGrZ3UHrF-WcbqSkaSAm3Sfy2FNDX9tf2PJygk-P-2oj4XK2u6QFzn8QwvpVRjwRdqi2CzCGnn5l7KYfgHOhdPVwSNeBoIRrsBkACt9jsqgtz7C_dCnD1oU4Q63viSRzGsicsx03ihCxT5eJRVVBZgvxAxOtHN9A3e_ptvM1UbKNzSmKoBEL0dvq-7oeme3XFLeoabY2_iE0eACwnVhc0OuZ3odSktEY_fa877H7GP0HO4VAnyHA0Fr8UAaK4XjVVton7ItJ8T7IqzvB4xyHUWy9q-Z5fV82RJQFjWOZguktqzN6QLRqVUc3ogpRmnPPiW5sAZd9zlXi3uzas2hG6A-WKDp5Qn8j7egtGuImodAbQVXvs2BMzSbUlcRXF1Lmu9gkWVbQ5EbZ__UOdoAX9DkEG7R3oR4PsI6O67uDM2OC4chC3Wm2GPHjXyEjGJSexDelfWLrs49K-rgv0WZj5CBCEYbnzpHpXv4d6TxA1qasxT6lHjF_8rLmPCeWWnlMn6OHTfZQVIFyhJ2SdTAtOMywN2KO1crAu8JF06PMcU7T8PIuxK9tp79Jd88MM--XPcfhRUehXlnIOv1OY8Q47dUu7T87ddZMN9hHq1tXWR7Zpl1L1IB9W9oSDTeh2ZszFDfkA2rQ787L4SKNCZzz0N4oP9qBtX1pylKET1DtNonSWXWpjFXWpw3UH2i4ovPCp-ZCpOhuKdqQT0aPPZJkebdADF5dcpPpdqapdBZdzvOkY1jWuuUCGApiwoiXlZeHpLdL2oT-akeG87PRkIxP5ucV3ZH7V5ehBnv50zPznXQQ&cid=CAASPeRoGy6oE2O4B29GNBNvo33ij6OInu0INIO5xG7AvOw-qqXjVCZZ5uQDgQ9fIrIPcpYZ4T_Tr3UgS8HCsRs&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-6373315980741255%2526output%253Dhtml%2526h%253D90%2526slotname%253D2794737922%2526adk%253D1445061518%2526adf%253D2751418289%2526pi%253Dt.ma~as.2794737922%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526ea%253D0%2526flash%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%2526dt%253D1641388918798%2526bpp%253D6%2526bdt%253D251%2526idt%253D153%2526shv%253Dr20211207%2526mjsv%253Dm202112060101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3472069565444%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D164916553.1641388919%2526ga_sid%253D1641388919%2526ga_hid%253D1631956608%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D437%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D31063752%2526oid%253D2%2526pvsid%253D1834629454140320%2526pem%253D645%2526tmod%253D697%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526eae%253D2%2526fc%253D896%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.k3il0qvc8dj7%2526fsb%253D1%2526dtd%253D167%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd8a3005553b3d2b833462417b542ca50eb2727e61469610b6fbbb87710d9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 11:53:02 GMT
x-content-type-options
nosniff
age
5337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41919
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 16:20:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jan 2022 11:53:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 646B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxu8PmAM7ibnhe0NNELWNoPhUVyEgd_MLA740RImQXAhKQymFD_tpDlu5CbUgaILElKhyR0DDI-sLWWmrdweN99APbU4nrF9vsrkTmkQFPUymKsFe8va1r4T36SDWuizM79vlMXG-i2Ls-6CKu9b8GpVnHUg&dbm_d=AKAmf-C6IyQlVqdXPfR6kCp947aOue4APLuEwKDRdSoJoNweSnkp1uWKlJjS8QXdLtBZRTR-hg5D6FEeiQt6ZXKsU9_9ROkKo327_iKcE2iSa4opFXinh2Kk9paEPpV27wETQTG_k4sGEjIvjihoyxILwUF2rdD1HUqGPD38gtDCFi7jbrV9w9x7dCSAWSr8gjcapHgUSAaKBW8zrAscZXOO9xic2yuIdt-80nO8FVp38GfE-KN8KIxPLVcnwv0ABbXSkWgSvpPuO7xs0wuVZk_Dluy2zi86zxnBAj4PcQtH5QCCjIrFs4cVSjs9Dy-XWI7Mm0WmSQKAqLON3gs4XbMhzkGqsptBnW4TeDhOnBcOr1KiEhtIRI0B2y59iSmjR6042OxCslJq-b6risudumfsmG6_uvj5YqlCzmvZXZ7N3FmTk1sz0ZagcRu6VRPmy-oqm7ldY0jtgp4IWzK8-Po8wQAv7lZyQVnDlwv2Lb5VXU_MR0125Bp-7hbrB7DYeNWJHNgUHjhnJ2C6uE3HCvfTtli_-e8s04RwmpaX9IjayVx4hBf_W3ggnxPlMixgjjeaoKTt8f50hgB1vcfEnM82AL1Bv2SxavYl0NEAmrQmO5vddrMbykf-8V6yJuSlTW4vDmzPAc8xybzepkpFdlnxeH1uQwz-gaeHfdVYocLFc0ieXqOLZJ6WLjAqLV677IDkWdrdvGDq-X9m7X6Tte6j9hImu_9Gk55LqhzyKTMpSK4JvvCPiNTyMwEGf9ZQQf5mVz-_mkKy3REFCOTnSrplygvhyQyRI-Uzf2W0V8LMxZrv2H9vaP9WvEXaGwPVC_ynmcNraKQsuWON1m99LW9AcK49fb6Dmo8ggnySvLd-rnSITYbZJ12FoUkMXddxsRq1oVotaHWcDbFo8UrWZNkGblgJogz_rnayVYa6lcS6j78Sn5eCnnDMoO0JCqUks3fWWasY61QkfpMEzbZ25JoTPVLKEYlwDVwMAKmjHjbM-sXIfiGIWa65pcnkGg2MgHJKC2S80TMSJwOWpl8VLn6O0Vs4JO7Xy6Ai1twXicrpmEfQ88o6os6cNqRVc0sVlNJ6NF1ucoA5BJox9mfAxlWIFG7r1cmEZV6lqKaKalCih02DbBs-DmZGsQMVTNTQQIdg7Q2tg2FHuumd97njwtzhtbJX9YJBJXwgC4O3bvdh-bJCOFV366UHlhUSdo54qToborrwE4NGR3MOUkGj-HN8KmrjAz5POVcETBkSzZpsvtmP7CGPLnamOu295GbWcxdTyZCjG88XdglSa4HGsY2pk1BWffR1NIKDWKrxCBufM2a5C7CeVnCxzp6VKIc5HdyNDLMzscvCW6A_quf1zNM2r3qyomo_GDfqCPr5AaD3XmSDwPqiLqus5UawjM_vRNN3DIrlEHKGTnsGKifVxWNaYj21qt_0D0WzRAzAed4QyqEPjLTveGKYUNLwsgKULeIMjtWb98Lh1vwoHCVxBI1CsccKY3YwwDg05HJzRii2kn1nDjko4ZvR4PrFcS-BXZFb94VtoTXqjRDfGHcB7effsdKa1-Bs-FO8CJJmoyPXMdnF9t0YriO3nUTd5wnYKt36jC5EdUu6yideqQtpOhE9KF2Whgg5iEm5er8eAd_Of25OgU5u_NsR7U9Sw9P9IKIRl2FaV1_B-mpa2E0kQMVo5A6Ej2-eGHFcgtWRLdqgW18anFxO73mcXu9fweOiiSdsDxzSw2jfW2xV9mG9jvZhZTMedf_9xBy_gxUVJC0O_OEX2udccWGU6EIa4NjQXExq-6ToZcIPIyOMbPkry0BCQzVsmuOgaCSyISIXzBP_nEzjZjOXnW2Cchy6TxTeFISNuhDzFbFEqKZ0me7lk15UqysiV_0ELkG4tRY3q1mgvkZmFlbAwZ2xAKKjBQrv_TvOdyAh27vuFqfdKt70JkUZvAvs8LF9Dv7x3TTecomP2GbxZHK7tiSxkhNBo_cb808t2COGxBsIqojR6DpTuXOIYx4kuUe4OAo544_7hnHOrESCsHS8-xY-I2Oxne_yn-cvTz1uUZg9v3KeDrdwbSBEVodAgRm0X5btHVdVHGbG3ANYkQVWzFL-029rspAW0EwC9f__Y44X1Qo1xDnZoMw3lqGpipvEx0FcsSZGUgnzrP9Zbr_Kt7oH_ZaqorN3PnIVlJC8-OZSsOCeW-ZMOXEJXYF9aNCpQjRmQryk17QRNZJHUNIgw2wMQ0uIYsCuG0zuPp2zgj3vQ1fHwxCAWeS_SVdgQo-4RbRDHjqlDybLrgfXiscXkpAaZOsFUB655v3yYWjLJ7nJ3RjtUOTfyqhhTT8I1Z9Gv-xTwBIpk5aaNz6KLANgzNEGrZ3UHrF-WcbqSkaSAm3Sfy2FNDX9tf2PJygk-P-2oj4XK2u6QFzn8QwvpVRjwRdqi2CzCGnn5l7KYfgHOhdPVwSNeBoIRrsBkACt9jsqgtz7C_dCnD1oU4Q63viSRzGsicsx03ihCxT5eJRVVBZgvxAxOtHN9A3e_ptvM1UbKNzSmKoBEL0dvq-7oeme3XFLeoabY2_iE0eACwnVhc0OuZ3odSktEY_fa877H7GP0HO4VAnyHA0Fr8UAaK4XjVVton7ItJ8T7IqzvB4xyHUWy9q-Z5fV82RJQFjWOZguktqzN6QLRqVUc3ogpRmnPPiW5sAZd9zlXi3uzas2hG6A-WKDp5Qn8j7egtGuImodAbQVXvs2BMzSbUlcRXF1Lmu9gkWVbQ5EbZ__UOdoAX9DkEG7R3oR4PsI6O67uDM2OC4chC3Wm2GPHjXyEjGJSexDelfWLrs49K-rgv0WZj5CBCEYbnzpHpXv4d6TxA1qasxT6lHjF_8rLmPCeWWnlMn6OHTfZQVIFyhJ2SdTAtOMywN2KO1crAu8JF06PMcU7T8PIuxK9tp79Jd88MM--XPcfhRUehXlnIOv1OY8Q47dUu7T87ddZMN9hHq1tXWR7Zpl1L1IB9W9oSDTeh2ZszFDfkA2rQ787L4SKNCZzz0N4oP9qBtX1pylKET1DtNonSWXWpjFXWpw3UH2i4ovPCp-ZCpOhuKdqQT0aPPZJkebdADF5dcpPpdqapdBZdzvOkY1jWuuUCGApiwoiXlZeHpLdL2oT-akeG87PRkIxP5ucV3ZH7V5ehBnv50zPznXQQ&cid=CAASPeRoGy6oE2O4B29GNBNvo33ij6OInu0INIO5xG7AvOw-qqXjVCZZ5uQDgQ9fIrIPcpYZ4T_Tr3UgS8HCsRs&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-6373315980741255%2526output%253Dhtml%2526h%253D90%2526slotname%253D2794737922%2526adk%253D1445061518%2526adf%253D2751418289%2526pi%253Dt.ma~as.2794737922%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526ea%253D0%2526flash%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%2526dt%253D1641388918798%2526bpp%253D6%2526bdt%253D251%2526idt%253D153%2526shv%253Dr20211207%2526mjsv%253Dm202112060101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3472069565444%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D164916553.1641388919%2526ga_sid%253D1641388919%2526ga_hid%253D1631956608%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D437%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D31063752%2526oid%253D2%2526pvsid%253D1834629454140320%2526pem%253D645%2526tmod%253D697%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526eae%253D2%2526fc%253D896%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.k3il0qvc8dj7%2526fsb%253D1%2526dtd%253D167%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 13:17:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 646B 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-yKRzXLiT9DH8XG0zKDmFRgGXEJiFqQStCyMAcCbwc-PI_htgE7bkctY10t8LK5S5KewHXQajoFGBtR2KPH7Cg5ZFIhcs4mP5FqUAAleHhimj45zVkVc0ZdRKAthPU5sjfszRUK-AikqUjAL3vO96Mg3lN1GlRn9cHWsmMA9209rIwQnLVka07xV5rUABPA3GeZDVWPLyBjcEHdP3QZMipNwnq62zp9BCecgG4066DiZzZZYcbWod9_AOAY6MzPzfdi3udUMcCLh7Xjzd1LhpHx8_G19Elo1oJgGCC23-X1TttIfG7vRicgleqwCSySCtW5ZY8D3b6xrdaAVfH5Rh7MXtPkMNI0gz35QPDcCBRGvOozDBCDNhjZw83GF3ofeFA0Io_DcAMp-JUol_-BL1pjXH54hQzU5y6LH3lDJa8loeHYM9f3cGMubsTQJaf0GRyElxvSjnllvUAvTNJQastGjdyQ3zFzX0PUnhcNy1HyLKEKFQBX1ibGljYjiTlDvfs9lCYPokqrcnJGZHt92IN_4WUzH38BUg6s4vDT3P3nQg9minfF6zU_MhRAGktQbrK2xDbTP9ARNT8V611-IU2QpnU65WSF4oW9H1u4RX2k9Gxls1dUvCEhiI511WaO-HLdPRxkPajfftkFhFNceIKkCjAhtnh47mf_ZuygYheUGYxxXjpXwILBfrk1QNFP6KRCdfxRGucBNvc61wthQzWALDqH5dK3Bc6DYLpD_sTRwViSspxMa6cQx7py1HlbPL1NZ8cG7BTnJl2uG_2OWJFYvRG5EDAaMOZixQ4BqyB_6z7cOI0H7BQXF9Le099Tl6nQAqwjAxoUBHXbJaIYg-cXoO202ZhA_jMjoQv1yV2gZkdBOlmiNweBYyUgc5MwrQhgl437W9VkVB2o7yYN4oiOXxNvIBxQt0SaLq8QWdFDrE6lgVKdbZB2viZhcnuAS12VfrIM7f7U4R8dprvaf2CwhP9eUl7K9TwqJJoupX4B8V_ytIPOU4UThUnz-Z87Y2XvW8sEYrTIRb3r-myB0807GZWtUBbUgAuBAH659QdLnFsDiBx4Y4rJk9odrgExUBOaZzds0aQktXfp26KYnwH58ZitCrL5h5iiUko3-1l2Z1apMOqsQD65MPHmDd0fJqlbFldq4P9M-HpGTTezhoivHrFBACyY0KiR1z1_SIH-4RB11LUzA3FbrrG4Z4eI5iAIZdNJFk7c-DiSQZvmTOBLEnDZ_MFOR2ftolKxITHIttGElSNR9Tag&sai=AMfl-YSd6JNPzYKCDiEAlMGXXbt5WYHhTA2JaQc4qDdLqQOg9IT0QXbrIq_hJEs7gG99Cz5ThYp7ns2lAWp20OzJa0N24t6d4nxdBeoCIY7oXGXJ_w_qa7AgXQ_Kn0L5A_VK0VvoRJpexxwr9wnvtCEWwdLFxRXZklR-wbig235uah1GSIRz4zqzvYbD_J3pLoPRpzYLuC2Ksg81BvTtn5xO5RcIb8RtaIsp788ozGBjK1J3nt2K7axepXIDuToGkIpwxzg&sig=Cg0ArKJSzJD43RnR7UdzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.11577&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxu8PmAM7ibnhe0NNELWNoPhUVyEgd_MLA740RImQXAhKQymFD_tpDlu5CbUgaILElKhyR0DDI-sLWWmrdweN99APbU4nrF9vsrkTmkQFPUymKsFe8va1r4T36SDWuizM79vlMXG-i2Ls-6CKu9b8GpVnHUg&dbm_d=AKAmf-C6IyQlVqdXPfR6kCp947aOue4APLuEwKDRdSoJoNweSnkp1uWKlJjS8QXdLtBZRTR-hg5D6FEeiQt6ZXKsU9_9ROkKo327_iKcE2iSa4opFXinh2Kk9paEPpV27wETQTG_k4sGEjIvjihoyxILwUF2rdD1HUqGPD38gtDCFi7jbrV9w9x7dCSAWSr8gjcapHgUSAaKBW8zrAscZXOO9xic2yuIdt-80nO8FVp38GfE-KN8KIxPLVcnwv0ABbXSkWgSvpPuO7xs0wuVZk_Dluy2zi86zxnBAj4PcQtH5QCCjIrFs4cVSjs9Dy-XWI7Mm0WmSQKAqLON3gs4XbMhzkGqsptBnW4TeDhOnBcOr1KiEhtIRI0B2y59iSmjR6042OxCslJq-b6risudumfsmG6_uvj5YqlCzmvZXZ7N3FmTk1sz0ZagcRu6VRPmy-oqm7ldY0jtgp4IWzK8-Po8wQAv7lZyQVnDlwv2Lb5VXU_MR0125Bp-7hbrB7DYeNWJHNgUHjhnJ2C6uE3HCvfTtli_-e8s04RwmpaX9IjayVx4hBf_W3ggnxPlMixgjjeaoKTt8f50hgB1vcfEnM82AL1Bv2SxavYl0NEAmrQmO5vddrMbykf-8V6yJuSlTW4vDmzPAc8xybzepkpFdlnxeH1uQwz-gaeHfdVYocLFc0ieXqOLZJ6WLjAqLV677IDkWdrdvGDq-X9m7X6Tte6j9hImu_9Gk55LqhzyKTMpSK4JvvCPiNTyMwEGf9ZQQf5mVz-_mkKy3REFCOTnSrplygvhyQyRI-Uzf2W0V8LMxZrv2H9vaP9WvEXaGwPVC_ynmcNraKQsuWON1m99LW9AcK49fb6Dmo8ggnySvLd-rnSITYbZJ12FoUkMXddxsRq1oVotaHWcDbFo8UrWZNkGblgJogz_rnayVYa6lcS6j78Sn5eCnnDMoO0JCqUks3fWWasY61QkfpMEzbZ25JoTPVLKEYlwDVwMAKmjHjbM-sXIfiGIWa65pcnkGg2MgHJKC2S80TMSJwOWpl8VLn6O0Vs4JO7Xy6Ai1twXicrpmEfQ88o6os6cNqRVc0sVlNJ6NF1ucoA5BJox9mfAxlWIFG7r1cmEZV6lqKaKalCih02DbBs-DmZGsQMVTNTQQIdg7Q2tg2FHuumd97njwtzhtbJX9YJBJXwgC4O3bvdh-bJCOFV366UHlhUSdo54qToborrwE4NGR3MOUkGj-HN8KmrjAz5POVcETBkSzZpsvtmP7CGPLnamOu295GbWcxdTyZCjG88XdglSa4HGsY2pk1BWffR1NIKDWKrxCBufM2a5C7CeVnCxzp6VKIc5HdyNDLMzscvCW6A_quf1zNM2r3qyomo_GDfqCPr5AaD3XmSDwPqiLqus5UawjM_vRNN3DIrlEHKGTnsGKifVxWNaYj21qt_0D0WzRAzAed4QyqEPjLTveGKYUNLwsgKULeIMjtWb98Lh1vwoHCVxBI1CsccKY3YwwDg05HJzRii2kn1nDjko4ZvR4PrFcS-BXZFb94VtoTXqjRDfGHcB7effsdKa1-Bs-FO8CJJmoyPXMdnF9t0YriO3nUTd5wnYKt36jC5EdUu6yideqQtpOhE9KF2Whgg5iEm5er8eAd_Of25OgU5u_NsR7U9Sw9P9IKIRl2FaV1_B-mpa2E0kQMVo5A6Ej2-eGHFcgtWRLdqgW18anFxO73mcXu9fweOiiSdsDxzSw2jfW2xV9mG9jvZhZTMedf_9xBy_gxUVJC0O_OEX2udccWGU6EIa4NjQXExq-6ToZcIPIyOMbPkry0BCQzVsmuOgaCSyISIXzBP_nEzjZjOXnW2Cchy6TxTeFISNuhDzFbFEqKZ0me7lk15UqysiV_0ELkG4tRY3q1mgvkZmFlbAwZ2xAKKjBQrv_TvOdyAh27vuFqfdKt70JkUZvAvs8LF9Dv7x3TTecomP2GbxZHK7tiSxkhNBo_cb808t2COGxBsIqojR6DpTuXOIYx4kuUe4OAo544_7hnHOrESCsHS8-xY-I2Oxne_yn-cvTz1uUZg9v3KeDrdwbSBEVodAgRm0X5btHVdVHGbG3ANYkQVWzFL-029rspAW0EwC9f__Y44X1Qo1xDnZoMw3lqGpipvEx0FcsSZGUgnzrP9Zbr_Kt7oH_ZaqorN3PnIVlJC8-OZSsOCeW-ZMOXEJXYF9aNCpQjRmQryk17QRNZJHUNIgw2wMQ0uIYsCuG0zuPp2zgj3vQ1fHwxCAWeS_SVdgQo-4RbRDHjqlDybLrgfXiscXkpAaZOsFUB655v3yYWjLJ7nJ3RjtUOTfyqhhTT8I1Z9Gv-xTwBIpk5aaNz6KLANgzNEGrZ3UHrF-WcbqSkaSAm3Sfy2FNDX9tf2PJygk-P-2oj4XK2u6QFzn8QwvpVRjwRdqi2CzCGnn5l7KYfgHOhdPVwSNeBoIRrsBkACt9jsqgtz7C_dCnD1oU4Q63viSRzGsicsx03ihCxT5eJRVVBZgvxAxOtHN9A3e_ptvM1UbKNzSmKoBEL0dvq-7oeme3XFLeoabY2_iE0eACwnVhc0OuZ3odSktEY_fa877H7GP0HO4VAnyHA0Fr8UAaK4XjVVton7ItJ8T7IqzvB4xyHUWy9q-Z5fV82RJQFjWOZguktqzN6QLRqVUc3ogpRmnPPiW5sAZd9zlXi3uzas2hG6A-WKDp5Qn8j7egtGuImodAbQVXvs2BMzSbUlcRXF1Lmu9gkWVbQ5EbZ__UOdoAX9DkEG7R3oR4PsI6O67uDM2OC4chC3Wm2GPHjXyEjGJSexDelfWLrs49K-rgv0WZj5CBCEYbnzpHpXv4d6TxA1qasxT6lHjF_8rLmPCeWWnlMn6OHTfZQVIFyhJ2SdTAtOMywN2KO1crAu8JF06PMcU7T8PIuxK9tp79Jd88MM--XPcfhRUehXlnIOv1OY8Q47dUu7T87ddZMN9hHq1tXWR7Zpl1L1IB9W9oSDTeh2ZszFDfkA2rQ787L4SKNCZzz0N4oP9qBtX1pylKET1DtNonSWXWpjFXWpw3UH2i4ovPCp-ZCpOhuKdqQT0aPPZJkebdADF5dcpPpdqapdBZdzvOkY1jWuuUCGApiwoiXlZeHpLdL2oT-akeG87PRkIxP5ucV3ZH7V5ehBnv50zPznXQQ&cid=CAASPeRoGy6oE2O4B29GNBNvo33ij6OInu0INIO5xG7AvOw-qqXjVCZZ5uQDgQ9fIrIPcpYZ4T_Tr3UgS8HCsRs&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-6373315980741255%2526output%253Dhtml%2526h%253D90%2526slotname%253D2794737922%2526adk%253D1445061518%2526adf%253D2751418289%2526pi%253Dt.ma~as.2794737922%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526ea%253D0%2526flash%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%2526dt%253D1641388918798%2526bpp%253D6%2526bdt%253D251%2526idt%253D153%2526shv%253Dr20211207%2526mjsv%253Dm202112060101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3472069565444%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D164916553.1641388919%2526ga_sid%253D1641388919%2526ga_hid%253D1631956608%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D437%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D31063752%2526oid%253D2%2526pvsid%253D1834629454140320%2526pem%253D645%2526tmod%253D697%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526eae%253D2%2526fc%253D896%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.k3il0qvc8dj7%2526fsb%253D1%2526dtd%253D167%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 05 Jan 2022 13:21:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 646B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxu8PmAM7ibnhe0NNELWNoPhUVyEgd_MLA740RImQXAhKQymFD_tpDlu5CbUgaILElKhyR0DDI-sLWWmrdweN99APbU4nrF9vsrkTmkQFPUymKsFe8va1r4T36SDWuizM79vlMXG-i2Ls-6CKu9b8GpVnHUg&dbm_d=AKAmf-C6IyQlVqdXPfR6kCp947aOue4APLuEwKDRdSoJoNweSnkp1uWKlJjS8QXdLtBZRTR-hg5D6FEeiQt6ZXKsU9_9ROkKo327_iKcE2iSa4opFXinh2Kk9paEPpV27wETQTG_k4sGEjIvjihoyxILwUF2rdD1HUqGPD38gtDCFi7jbrV9w9x7dCSAWSr8gjcapHgUSAaKBW8zrAscZXOO9xic2yuIdt-80nO8FVp38GfE-KN8KIxPLVcnwv0ABbXSkWgSvpPuO7xs0wuVZk_Dluy2zi86zxnBAj4PcQtH5QCCjIrFs4cVSjs9Dy-XWI7Mm0WmSQKAqLON3gs4XbMhzkGqsptBnW4TeDhOnBcOr1KiEhtIRI0B2y59iSmjR6042OxCslJq-b6risudumfsmG6_uvj5YqlCzmvZXZ7N3FmTk1sz0ZagcRu6VRPmy-oqm7ldY0jtgp4IWzK8-Po8wQAv7lZyQVnDlwv2Lb5VXU_MR0125Bp-7hbrB7DYeNWJHNgUHjhnJ2C6uE3HCvfTtli_-e8s04RwmpaX9IjayVx4hBf_W3ggnxPlMixgjjeaoKTt8f50hgB1vcfEnM82AL1Bv2SxavYl0NEAmrQmO5vddrMbykf-8V6yJuSlTW4vDmzPAc8xybzepkpFdlnxeH1uQwz-gaeHfdVYocLFc0ieXqOLZJ6WLjAqLV677IDkWdrdvGDq-X9m7X6Tte6j9hImu_9Gk55LqhzyKTMpSK4JvvCPiNTyMwEGf9ZQQf5mVz-_mkKy3REFCOTnSrplygvhyQyRI-Uzf2W0V8LMxZrv2H9vaP9WvEXaGwPVC_ynmcNraKQsuWON1m99LW9AcK49fb6Dmo8ggnySvLd-rnSITYbZJ12FoUkMXddxsRq1oVotaHWcDbFo8UrWZNkGblgJogz_rnayVYa6lcS6j78Sn5eCnnDMoO0JCqUks3fWWasY61QkfpMEzbZ25JoTPVLKEYlwDVwMAKmjHjbM-sXIfiGIWa65pcnkGg2MgHJKC2S80TMSJwOWpl8VLn6O0Vs4JO7Xy6Ai1twXicrpmEfQ88o6os6cNqRVc0sVlNJ6NF1ucoA5BJox9mfAxlWIFG7r1cmEZV6lqKaKalCih02DbBs-DmZGsQMVTNTQQIdg7Q2tg2FHuumd97njwtzhtbJX9YJBJXwgC4O3bvdh-bJCOFV366UHlhUSdo54qToborrwE4NGR3MOUkGj-HN8KmrjAz5POVcETBkSzZpsvtmP7CGPLnamOu295GbWcxdTyZCjG88XdglSa4HGsY2pk1BWffR1NIKDWKrxCBufM2a5C7CeVnCxzp6VKIc5HdyNDLMzscvCW6A_quf1zNM2r3qyomo_GDfqCPr5AaD3XmSDwPqiLqus5UawjM_vRNN3DIrlEHKGTnsGKifVxWNaYj21qt_0D0WzRAzAed4QyqEPjLTveGKYUNLwsgKULeIMjtWb98Lh1vwoHCVxBI1CsccKY3YwwDg05HJzRii2kn1nDjko4ZvR4PrFcS-BXZFb94VtoTXqjRDfGHcB7effsdKa1-Bs-FO8CJJmoyPXMdnF9t0YriO3nUTd5wnYKt36jC5EdUu6yideqQtpOhE9KF2Whgg5iEm5er8eAd_Of25OgU5u_NsR7U9Sw9P9IKIRl2FaV1_B-mpa2E0kQMVo5A6Ej2-eGHFcgtWRLdqgW18anFxO73mcXu9fweOiiSdsDxzSw2jfW2xV9mG9jvZhZTMedf_9xBy_gxUVJC0O_OEX2udccWGU6EIa4NjQXExq-6ToZcIPIyOMbPkry0BCQzVsmuOgaCSyISIXzBP_nEzjZjOXnW2Cchy6TxTeFISNuhDzFbFEqKZ0me7lk15UqysiV_0ELkG4tRY3q1mgvkZmFlbAwZ2xAKKjBQrv_TvOdyAh27vuFqfdKt70JkUZvAvs8LF9Dv7x3TTecomP2GbxZHK7tiSxkhNBo_cb808t2COGxBsIqojR6DpTuXOIYx4kuUe4OAo544_7hnHOrESCsHS8-xY-I2Oxne_yn-cvTz1uUZg9v3KeDrdwbSBEVodAgRm0X5btHVdVHGbG3ANYkQVWzFL-029rspAW0EwC9f__Y44X1Qo1xDnZoMw3lqGpipvEx0FcsSZGUgnzrP9Zbr_Kt7oH_ZaqorN3PnIVlJC8-OZSsOCeW-ZMOXEJXYF9aNCpQjRmQryk17QRNZJHUNIgw2wMQ0uIYsCuG0zuPp2zgj3vQ1fHwxCAWeS_SVdgQo-4RbRDHjqlDybLrgfXiscXkpAaZOsFUB655v3yYWjLJ7nJ3RjtUOTfyqhhTT8I1Z9Gv-xTwBIpk5aaNz6KLANgzNEGrZ3UHrF-WcbqSkaSAm3Sfy2FNDX9tf2PJygk-P-2oj4XK2u6QFzn8QwvpVRjwRdqi2CzCGnn5l7KYfgHOhdPVwSNeBoIRrsBkACt9jsqgtz7C_dCnD1oU4Q63viSRzGsicsx03ihCxT5eJRVVBZgvxAxOtHN9A3e_ptvM1UbKNzSmKoBEL0dvq-7oeme3XFLeoabY2_iE0eACwnVhc0OuZ3odSktEY_fa877H7GP0HO4VAnyHA0Fr8UAaK4XjVVton7ItJ8T7IqzvB4xyHUWy9q-Z5fV82RJQFjWOZguktqzN6QLRqVUc3ogpRmnPPiW5sAZd9zlXi3uzas2hG6A-WKDp5Qn8j7egtGuImodAbQVXvs2BMzSbUlcRXF1Lmu9gkWVbQ5EbZ__UOdoAX9DkEG7R3oR4PsI6O67uDM2OC4chC3Wm2GPHjXyEjGJSexDelfWLrs49K-rgv0WZj5CBCEYbnzpHpXv4d6TxA1qasxT6lHjF_8rLmPCeWWnlMn6OHTfZQVIFyhJ2SdTAtOMywN2KO1crAu8JF06PMcU7T8PIuxK9tp79Jd88MM--XPcfhRUehXlnIOv1OY8Q47dUu7T87ddZMN9hHq1tXWR7Zpl1L1IB9W9oSDTeh2ZszFDfkA2rQ787L4SKNCZzz0N4oP9qBtX1pylKET1DtNonSWXWpjFXWpw3UH2i4ovPCp-ZCpOhuKdqQT0aPPZJkebdADF5dcpPpdqapdBZdzvOkY1jWuuUCGApiwoiXlZeHpLdL2oT-akeG87PRkIxP5ucV3ZH7V5ehBnv50zPznXQQ&cid=CAASPeRoGy6oE2O4B29GNBNvo33ij6OInu0INIO5xG7AvOw-qqXjVCZZ5uQDgQ9fIrIPcpYZ4T_Tr3UgS8HCsRs&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-6373315980741255%2526output%253Dhtml%2526h%253D90%2526slotname%253D2794737922%2526adk%253D1445061518%2526adf%253D2751418289%2526pi%253Dt.ma~as.2794737922%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526ea%253D0%2526flash%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%2526dt%253D1641388918798%2526bpp%253D6%2526bdt%253D251%2526idt%253D153%2526shv%253Dr20211207%2526mjsv%253Dm202112060101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3472069565444%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D164916553.1641388919%2526ga_sid%253D1641388919%2526ga_hid%253D1631956608%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D437%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D31063752%2526oid%253D2%2526pvsid%253D1834629454140320%2526pem%253D645%2526tmod%253D697%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526eae%253D2%2526fc%253D896%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.k3il0qvc8dj7%2526fsb%253D1%2526dtd%253D167%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 06:20:52 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame D676 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:13::17d7:8222 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:37:00 GMT
adc_RET_makemoney_728x90_HTML5.js
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/ Frame D676 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c9750908a03d795133b57791444f81f933ab878656d5aa063acce0248a467f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 16:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75657
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4772
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Jan 2023 16:21:02 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0AFA 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9207558426631077888/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9207558426631077888/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jan 2022 13:21:59 GMT
adc_ALZ_Terrie_Shon_Talia_eng_300x250_animated.js
s0.2mdn.net/sadbundle/9207558426631077888/ Frame 0AFA 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9207558426631077888/adc_ALZ_Terrie_Shon_Talia_eng_300x250_animated.js?1632259439825
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9207558426631077888/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f375518ca1476ba30f04b2afaed6bf131988213771edd0793c5ddccc20066c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9207558426631077888/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 01:35:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474387
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11095
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:28:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Dec 2022 01:35:32 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		942 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=Pulsepoint%2Cbrightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ffaf136ecb5996c8bc521b9f8678ca9e132d3f9009278b29060a7efc8dac4f18

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5254 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0Am4dZvVYf0yx4s1joiusAYAAAAAOAHgBAI&bg=!EhGlEVXNAAZKWFskSlg7ACkAdvg8Wp42ry937OraporFDBXf876z_0-AxfRSOPKpTEmNRLBjFIhqWwIAAAHrUgAAAK5oAQcKADesOZhb96NaU4jo5x6J5liE-NGwJBsWM2kttsEKXbm8dGsjysDtvtx3NkJtZe82adFAHtNhnqA9mQL2UsVpwxmorZiP_LEngfGlNf83lUz0aBVLYOI1wQfr1HsnJXI3O1RKTAeR9Hffeb5cn-iFSCbfb1uyVgdHCIzYblROKyRyLt_bqp8Y3vMdmaS3tFkDMh9H9zbJK8oJpr220u0GZ8HtdVBw_rzp3jMJ6PA1GeJfU209SkxJEFAgtqO8-VS2CTp9SafTsfkkd3TCDfx_hX-de1p9Zg4WX3gkxMHu747oOAn_8wo_nwiWocMKk9nImSpJlViZHykKeKIv3weY_NKktZy9ek6HrV-VoeOK-AsKAvrvaoqlgEeLfdxjlk241pOZ1qAwjhg5i3_iot4tFIcnm-H52XteXwByUkXbXEVxBHDHbxz0NySeGSHAWYyHNlqGfPTXF9ba5b_DyhweHHxgIvaj1QO_OUyM7WJgZL60omKuhpuuHDvGsBY_xKW35jAEHPbnkuV2ofILi-_c_iHQG2KTKmmMTDHekIXv583LsgykoGaxybUsZdK6YlGjAyQLkmzyVZ-pDG0O4s6yypNQZQgaYfyNx6j3kngK_dvFLi53iOZ0CAvJ2sl7muzhO3HrXqhVMt0tHxjH_h78T5KyNpMGh9AMJb9xRx8385Vi1VmRnDC8ntYvgbKE6mrKJI8PW1cn7RwrFd6PRiPP2kd3zit1ZFneF-oiGyOV3wHQMcgp7w5bBMn8fpeDccxOVC2563JSbfmMgf_VrN4HrWeokHa1j3AAsP_bsJCRW8DE39iTL55hLOHk8zZFEIzm9udMFWdyqnCLn3InLmpoKuD3UvInMClf4leVIZQytgKnjr8_AGa3BNeqpU17CE-undd9wyZPsf2m0qEjmLWzKJaWiF0Ks4zw4WPNhtWFqS9vIqlEaUfOvHk2Ieb7fLHXu2M141mdzQF4f_h9o9BDCC9_rJrUSG2JDC4vBtwJIzxsftf7ZIxQ955XUpTa7ibEebtbCIYdJOMBfNGi0YHo5YwFYh-7cvB6tAP2vQbYVz6-D5VzDuv-MAkpIrH5Gi-fOoI
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 1877
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f2c757f6-80f6-43cb-b909-add5e66ce6ea&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=54621527-E2AF-48B3-9A20-16DF7E99F819
42 B
353 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=54621527-E2AF-48B3-9A20-16DF7E99F819
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.210.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-210-192.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
image/gif
content-length
42
server
Kestrel

Redirect headers

server
nginx
date
Wed, 05 Jan 2022 13:21:59 GMT
x-lat
njrpug002:0:535
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=54621527-E2AF-48B3-9A20-16DF7E99F819
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 75E6
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=487b72e9-62a0-4f89-82a4-418d3a136cec-tuct8cf20f7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=487b72e9-62a0-4f89-82a4-418d3a136cec-tuct8cf20f7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 05 Jan 2022 13:22:00 GMT
via
1.1 varnish
x-served-by
cache-fty21350-FTY
x-cache
MISS
x-cache-hits
0
x-timer
S1641388920.384912,VS0,VE24
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=487b72e9-62a0-4f89-82a4-418d3a136cec-tuct8cf20f7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 05 Jan 2022 13:21:59 GMT
via
1.1 varnish
x-served-by
cache-fty21380-FTY
x-cache
MISS
x-cache-hits
0
x-timer
S1641388920.957918,VS0,VE24
x-vcl-time-ms
24
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame B9ED
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=ToEixhi6CXGO6ehfeJvVYQ
42 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=ToEixhi6CXGO6ehfeJvVYQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 08:27:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug004:0:421
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=ToEixhi6CXGO6ehfeJvVYQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pug
simage2.pubmatic.com/AdServer/ Frame BF38
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
text/html; charset=utf-8
x-lat
njrpug029:2:279
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 05 Jan 2022 13:22:00 GMT
server
_
cookiesync
core.iprom.net/ Frame 2328 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
komodo-470bde82190d@version_1.366v3
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Wed, 05 Jan 2022 13:22:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 39EC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
1 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 05 Jan 2022 10:14:08 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug021:0:497
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Wed, 05 Jan 2022 13:21:59 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1D5525D15A044016B14FBC531747C717
expires
Tue, 04 Jan 2022 13:21:59 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 4B2E
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000093F8F2077A
42 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000093F8F2077A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 11:20:13 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug030:0:460
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 05 Jan 2022 13:22:05 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000093F8F2077A
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4B2E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6285311477415990070
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6285311477415990070
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug018:0:510
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:00 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 582.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d6f8189d-888e-4e6d-8790-f9155cba4d0b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6285311477415990070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4B2E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:80c83626-daad-40d9-b18c-a4b2cb54ed73&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:80c83626-daad-40d9-b18c-a4b2cb54ed73&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 11:40:40 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug022:0:387
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:80c83626-daad-40d9-b18c-a4b2cb54ed73&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 05 Jan 2022 13:22:00 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame 4B2E 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.252.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-252-253.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6ADC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6k9DdZvVYe70GMudoway25DQDAAAAAA4AeAEAg&bg=!iIuli8_NAAZKWFskSlg7ACkAdvg8Wiru8s-oWRhElqYUnP_7iqZLC-XN8I8EQOyt_w6PwJhL3qP03AIAAAIOUgAAALpoAQcKAC-PKsPw9ScU9TatYHwO750oVzg3GO7y8r8yfQnazCw865f63L93M-rAY5UYQ1aRcpkC-ub-Bxqu7mQhOXLe2gXTUfFu9oiZD98d_uZmcU1RW3lH056e8lettD9_N3Me1oumrbKNjAQJKZjBT4Ndip0hA3wK_d2BCO_mFqZ33RsD2NuPpZv9WblXy2C87x8_-roYiiHP6hNq6Mcund8rs0KKFoNOxmRS5s1FWuIMlxiUZaa28mILjL0oBl1jNs8hyP4zhUAIVzqahftSFx7yAInQZBDGDL4RNkJsagqlPWxDt3knSKXS37pqe3ndEdAUhK4wg5Xf6oeoRcpTXeLz17_6Gia0ScT1l3LlLyJGAY4YKlF4H5-k0vD1VL7yu5M9DvpedD6Jfg0Fp1ybrd2WrMotm6QJ1GLasCw1GJfmSMMEGPge426c8eQ98QlzMG0tTjbngj1nZRbETyw60-ZIwKCYeYJ_IxXtsydyc_wMezk7Qq_je2QywQjOM9R-XqzPovXWursm7RsjXPRn8FjoeHX0fhutL3NmAPEimr9mieeFBMEc9fAdSC_Lp01GL1txGlS0_w4q8gVhwE0crBTyQ2ijGozZW7e_EBKHlE63Kpld3KXcfGzkIwzKkXLi-khwRmGDOAaXo9Ps0yqbCSIKSkgOepPX_zs42o-VYa_UptMs-gQ-w3jVVwrzQPhgWNqAAR3R1z-JdMl-e0f-zt6-YGLuB4BYmC33_wY7OcJs00c9LCtUjX9fHblDYdO6w6Pu2Ijr2-02GRpzCxznFhkgIXj2nYRfWDvZX9jTbcEM7udah-kR1xwWdQRPfr3KzSDAODAPRaB815eOrsmzn7akrbaXUw5J905AGPkVpd6CGn2PeQ2aSVoIAK_1il8k781VIcyYQcC8NFifmmF34dhvuRuFnGrtEXLHHoo_f3T1NykXQAOQXyjeShOSsFHeiQnK0Kh6Tw-xbHsp0wEm7Fqz_H2rj1i60fIiXFCmWuxUPoG27kWakXcMWEuC1ahOj3_D_xrJFJQtRNlGIK_eZF_PIK7ot05UTFpZIPvcrjLDyKs9b6mfo0fhaB_dZSDDbA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 2D5A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=512638494&btadsrv=doubleclick&crt=159933955&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e6579bf2dcea73c6baa50d7b8a995644cfd6f071711e52b0bd6b71659052f86b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:21:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 08:34:50 GMT
Server
Microsoft-IIS/10.0
ETag
"031831af2d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3291
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D5A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:21:59 GMT
adc_RET_makemoney_728x90_HTML5.html
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/ Frame 15C9 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d847e0ca1de72e6ea6ee76f6e0b1d691f70bb32779d3b2f0bbcd7ec4a4d4d014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2210
date
Thu, 30 Dec 2021 18:08:30 GMT
expires
Fri, 30 Dec 2022 18:08:30 GMT
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
501209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2D5A 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLIET7SPr7gbDGOmusdtndyfgi3G7a_HvesgEIaMvyry1hsAZKcsCRWKJHNuUFLdUkQ_Y2ZG2rkP7U0U_xE0E2Ddfd7VcJI0KrjwFee4cASepz9opW8qn2N0mi7nmptlr2AIDOXXw7f17dmyBcuNUgJgMswqOyeQ&sig=Cg0ArKJSzNfR6gGCmggKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=249&cisv=r20211207.74069&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:21:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
syncnoad
partners.tremorhub.com/ Frame 657E 		887 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=brightroll%2Cbeachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e4def753f5267c3df33bfc705fe00b4b0995ea351f34d29ae2106efac8afca70

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:21:59 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 33BB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 05 Jan 2022 06:20:52 GMT
expires
Thu, 05 Jan 2023 06:20:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
visit.js
tps.doubleverify.com/ Frame B6F9 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=217&ttfrms=30&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTauDJ%3F%40%3D%408J%5CH2C%3FD%5C%407%5C%3E2%3DH2C6%5C%3A%3F764E%3A%3F8%5C%3F2D%5C56G%3A46D%5CH%3AE9%5CC2%3FD%40%3EH2C6TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=3242&ddur=49&uid=1641388919995421&jsCallback=dvCallback_1641388919995165&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1971&tgjsver=1971&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&fwc=0&fcl=1041&flt=12&fec=1473&fcifrms=26&brh=2&sdf=2&dvp_epl=339&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&crt=159204078&btreg=512701624&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=5508413136.278872&dvp_tukv=1673186446.0187829&dvp_uuid=2271057934.3276644&dvp_tuid=1238424212010
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
a13377b7382f35764c0871f85c4238b26ee9a4293b716fe02c158b22229dd24f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:44 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
01/04/2022 13:22:00
adc_ALZ_Terrie_Shon_Talia_eng_300x250_animated_atlas_1.png
s0.2mdn.net/sadbundle/9207558426631077888/images/ Frame 0AFA 		291 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9207558426631077888/images/adc_ALZ_Terrie_Shon_Talia_eng_300x250_animated_atlas_1.png?1632259439778
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1f8bf949ecfe6133db96d42a0bfdb78bca0449c9b4a6f0d2696d6b02b380bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9207558426631077888/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 16:02:34 GMT
x-content-type-options
nosniff
age
595166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298420
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:28:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 16:02:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6C9B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkZO2nzD29vOXJZA-QUZxwrXfsSD6H8o1u59v_7C64WpehmX0CMSlY10r7FUJlsbNh9eS9SwMe9S14LiVOUzaaF71284G5i8JeLtEuqIpUHy8Qs2gEGuuZKvkwBQp0t8itvvR8ynkQ5gRdbMousDvGgWfiWm1aeg&sig=Cg0ArKJSzB0c6bOR8KzJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=841&vt=11&dtpt=598&dett=3&cstd=235&cisv=r20211207.89861&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame B9E2 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjhY2dpvVYee1ENWVoPMPvtCWaAAAAAA4AeAEAg&bg=!JSalJmLNAAZKWFskSlg7ACkAdvg8WuD0sA5IG4TMkt17NVIH8g4pqylR_ijutZ9ja4VMHviOX35F4QIAAAKrUgAAAFdoAQeZAwqJQ1cKRsOrUODe_DO0a2p-5wZ9wIlFakEa-p6L6Jf2vXBzCmWXoFss4Ns1QGl7zWQxTmU-7xDPlg0AsmSVmWO0SH0IAiVGrCFQCSz3P86hoFiM9dBhl82pPsTQrw9rjNF27bdJ1MZpYJx9X_f0CKISjhjsvYTTZFU-XS8e3lkCuQU5yHkh8NFnuwgSTD2LCtgUozWnySMON0Ve4MTgVL3xDrVLFXWAqarDpCNRDBl4ityKJRFtz-AP00eloxEXUT86114q3zjfdf4gEMt8cjeuyTi8mpAcVcqk93eReFG3CR_Mcy7w4JQj6Nuthq3vC99E2fVHWhI8ltFheqCwcnNTB0qLEVdslvHX4QoJBu-TmsfokBc-J9KFtd-Yq6Iips1BH8fYRntLu-Wv0qu4xJaN_UtW5uefsEDXYt3VztoYrI8R0hEE-tNCcbB3nD2lnzZY96Uu-b6tK_nekjw8k44sF-uNcpn-nNrBf9ATs5QXMMr_w_NTqBph-TIDk_NWMGehSiN9pyVvsea1Y5ptjXh7CRy5fPg9WBDzF3-kyyrrJxT4ZIienmUzvINyyj8SBY_DwH0oM6K9OJ6dS3_Gjje77naERGP6DhTSP-7owGiznHqz07Osl1UTiA2TF9zQcBGdPFcOnPfz8iGQXj5L_0kth6ggAOOtWtnsZQZbQ9vbMHHyfXWvKZeAI-GQR3Znr03Gn-FjqGzgbi0P2hDJhbVPFUId6j9K4YPcTV0jsnrK5qXtEKqAo5TO3x5wYnRmZyU2qRYwMkNXVER1hW7NgywBSkB8KT00iJ62c-Bb48V7mmc6uP0GWKpwnQx0FoJHOGhm1e_AI9lEat_2Qh7g-bOEf5c7qQNly4xiQocnpqIRWhHg3K1KGv-eaXm5ATDAwY2qJNjvhNu2kyMGk7WFKbxC2yUGXZZ8RbfWKs5WdBR6SuHzv38NaaUHJ3fQeG5Rfk9nFKABc87IQycK3e5a2NxAo77VpYS17p5X8EdR_XuOTAX0v-LoIxM_IXIa-xpl4nUASOscM9mCbwrn
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame D337 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=314&ttfrms=9&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTauDJ%3F%40%3D%408J%5CH2C%3FD%5C%407%5C%3E2%3DH2C6%5C%3A%3F764E%3A%3F8%5C%3F2D%5C56G%3A46D%5CH%3AE9%5CC2%3FD%40%3EH2C6TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=3197&ddur=50&uid=1641388920100599&jsCallback=dvCallback_1641388920100193&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1971&tgjsver=1971&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&fwc=0&fcl=1041&flt=12&fec=1473&fcifrms=26&brh=2&sdf=2&dvp_epl=339&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=159933955&btreg=512638494&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=6651291065.574754&dvp_tukv=1101243738770.2861&dvp_uuid=75633602077.52614&dvp_tuid=1611305100353
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
1737ee2ce08a5738bb5c3ab4c5004ada6a75d5d99588f20ad887e64a60adcb79

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:00 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
01/04/2022 13:22:00
truncated
/ Frame 646B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c998da8897d0645f9f06da676b75f5e8ecb2fa07bbd546e054ba36816db7aa68

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 7E41 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
25601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:15:19 GMT
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 88C6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
25601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:15:19 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F18A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 05 Jan 2022 06:20:52 GMT
expires
Thu, 05 Jan 2023 06:20:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 646B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-yKRzXLiT9DH8XG0zKDmFRgGXEJiFqQStCyMAcCbwc-PI_htgE7bkctY10t8LK5S5KewHXQajoFGBtR2KPH7Cg5ZFIhcs4mP5FqUAAleHhimj45zVkVc0ZdRKAthPU5sjfszRUK-AikqUjAL3vO96Mg3lN1GlRn9cHWsmMA9209rIwQnLVka07xV5rUABPA3GeZDVWPLyBjcEHdP3QZMipNwnq62zp9BCecgG4066DiZzZZYcbWod9_AOAY6MzPzfdi3udUMcCLh7Xjzd1LhpHx8_G19Elo1oJgGCC23-X1TttIfG7vRicgleqwCSySCtW5ZY8D3b6xrdaAVfH5Rh7MXtPkMNI0gz35QPDcCBRGvOozDBCDNhjZw83GF3ofeFA0Io_DcAMp-JUol_-BL1pjXH54hQzU5y6LH3lDJa8loeHYM9f3cGMubsTQJaf0GRyElxvSjnllvUAvTNJQastGjdyQ3zFzX0PUnhcNy1HyLKEKFQBX1ibGljYjiTlDvfs9lCYPokqrcnJGZHt92IN_4WUzH38BUg6s4vDT3P3nQg9minfF6zU_MhRAGktQbrK2xDbTP9ARNT8V611-IU2QpnU65WSF4oW9H1u4RX2k9Gxls1dUvCEhiI511WaO-HLdPRxkPajfftkFhFNceIKkCjAhtnh47mf_ZuygYheUGYxxXjpXwILBfrk1QNFP6KRCdfxRGucBNvc61wthQzWALDqH5dK3Bc6DYLpD_sTRwViSspxMa6cQx7py1HlbPL1NZ8cG7BTnJl2uG_2OWJFYvRG5EDAaMOZixQ4BqyB_6z7cOI0H7BQXF9Le099Tl6nQAqwjAxoUBHXbJaIYg-cXoO202ZhA_jMjoQv1yV2gZkdBOlmiNweBYyUgc5MwrQhgl437W9VkVB2o7yYN4oiOXxNvIBxQt0SaLq8QWdFDrE6lgVKdbZB2viZhcnuAS12VfrIM7f7U4R8dprvaf2CwhP9eUl7K9TwqJJoupX4B8V_ytIPOU4UThUnz-Z87Y2XvW8sEYrTIRb3r-myB0807GZWtUBbUgAuBAH659QdLnFsDiBx4Y4rJk9odrgExUBOaZzds0aQktXfp26KYnwH58ZitCrL5h5iiUko3-1l2Z1apMOqsQD65MPHmDd0fJqlbFldq4P9M-HpGTTezhoivHrFBACyY0KiR1z1_SIH-4RB11LUzA3FbrrG4Z4eI5iAIZdNJFk7c-DiSQZvmTOBLEnDZ_MFOR2ftolKxITHIttGElSNR9Tag&sai=AMfl-YSd6JNPzYKCDiEAlMGXXbt5WYHhTA2JaQc4qDdLqQOg9IT0QXbrIq_hJEs7gG99Cz5ThYp7ns2lAWp20OzJa0N24t6d4nxdBeoCIY7oXGXJ_w_qa7AgXQ_Kn0L5A_VK0VvoRJpexxwr9wnvtCEWwdLFxRXZklR-wbig235uah1GSIRz4zqzvYbD_J3pLoPRpzYLuC2Ksg81BvTtn5xO5RcIb8RtaIsp788ozGBjK1J3nt2K7axepXIDuToGkIpwxzg&sig=Cg0ArKJSzJD43RnR7UdzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=308&vt=11&dtpt=307&dett=2&cstd=0&cisv=r20211207.11577&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxu8PmAM7ibnhe0NNELWNoPhUVyEgd_MLA740RImQXAhKQymFD_tpDlu5CbUgaILElKhyR0DDI-sLWWmrdweN99APbU4nrF9vsrkTmkQFPUymKsFe8va1r4T36SDWuizM79vlMXG-i2Ls-6CKu9b8GpVnHUg&dbm_d=AKAmf-C6IyQlVqdXPfR6kCp947aOue4APLuEwKDRdSoJoNweSnkp1uWKlJjS8QXdLtBZRTR-hg5D6FEeiQt6ZXKsU9_9ROkKo327_iKcE2iSa4opFXinh2Kk9paEPpV27wETQTG_k4sGEjIvjihoyxILwUF2rdD1HUqGPD38gtDCFi7jbrV9w9x7dCSAWSr8gjcapHgUSAaKBW8zrAscZXOO9xic2yuIdt-80nO8FVp38GfE-KN8KIxPLVcnwv0ABbXSkWgSvpPuO7xs0wuVZk_Dluy2zi86zxnBAj4PcQtH5QCCjIrFs4cVSjs9Dy-XWI7Mm0WmSQKAqLON3gs4XbMhzkGqsptBnW4TeDhOnBcOr1KiEhtIRI0B2y59iSmjR6042OxCslJq-b6risudumfsmG6_uvj5YqlCzmvZXZ7N3FmTk1sz0ZagcRu6VRPmy-oqm7ldY0jtgp4IWzK8-Po8wQAv7lZyQVnDlwv2Lb5VXU_MR0125Bp-7hbrB7DYeNWJHNgUHjhnJ2C6uE3HCvfTtli_-e8s04RwmpaX9IjayVx4hBf_W3ggnxPlMixgjjeaoKTt8f50hgB1vcfEnM82AL1Bv2SxavYl0NEAmrQmO5vddrMbykf-8V6yJuSlTW4vDmzPAc8xybzepkpFdlnxeH1uQwz-gaeHfdVYocLFc0ieXqOLZJ6WLjAqLV677IDkWdrdvGDq-X9m7X6Tte6j9hImu_9Gk55LqhzyKTMpSK4JvvCPiNTyMwEGf9ZQQf5mVz-_mkKy3REFCOTnSrplygvhyQyRI-Uzf2W0V8LMxZrv2H9vaP9WvEXaGwPVC_ynmcNraKQsuWON1m99LW9AcK49fb6Dmo8ggnySvLd-rnSITYbZJ12FoUkMXddxsRq1oVotaHWcDbFo8UrWZNkGblgJogz_rnayVYa6lcS6j78Sn5eCnnDMoO0JCqUks3fWWasY61QkfpMEzbZ25JoTPVLKEYlwDVwMAKmjHjbM-sXIfiGIWa65pcnkGg2MgHJKC2S80TMSJwOWpl8VLn6O0Vs4JO7Xy6Ai1twXicrpmEfQ88o6os6cNqRVc0sVlNJ6NF1ucoA5BJox9mfAxlWIFG7r1cmEZV6lqKaKalCih02DbBs-DmZGsQMVTNTQQIdg7Q2tg2FHuumd97njwtzhtbJX9YJBJXwgC4O3bvdh-bJCOFV366UHlhUSdo54qToborrwE4NGR3MOUkGj-HN8KmrjAz5POVcETBkSzZpsvtmP7CGPLnamOu295GbWcxdTyZCjG88XdglSa4HGsY2pk1BWffR1NIKDWKrxCBufM2a5C7CeVnCxzp6VKIc5HdyNDLMzscvCW6A_quf1zNM2r3qyomo_GDfqCPr5AaD3XmSDwPqiLqus5UawjM_vRNN3DIrlEHKGTnsGKifVxWNaYj21qt_0D0WzRAzAed4QyqEPjLTveGKYUNLwsgKULeIMjtWb98Lh1vwoHCVxBI1CsccKY3YwwDg05HJzRii2kn1nDjko4ZvR4PrFcS-BXZFb94VtoTXqjRDfGHcB7effsdKa1-Bs-FO8CJJmoyPXMdnF9t0YriO3nUTd5wnYKt36jC5EdUu6yideqQtpOhE9KF2Whgg5iEm5er8eAd_Of25OgU5u_NsR7U9Sw9P9IKIRl2FaV1_B-mpa2E0kQMVo5A6Ej2-eGHFcgtWRLdqgW18anFxO73mcXu9fweOiiSdsDxzSw2jfW2xV9mG9jvZhZTMedf_9xBy_gxUVJC0O_OEX2udccWGU6EIa4NjQXExq-6ToZcIPIyOMbPkry0BCQzVsmuOgaCSyISIXzBP_nEzjZjOXnW2Cchy6TxTeFISNuhDzFbFEqKZ0me7lk15UqysiV_0ELkG4tRY3q1mgvkZmFlbAwZ2xAKKjBQrv_TvOdyAh27vuFqfdKt70JkUZvAvs8LF9Dv7x3TTecomP2GbxZHK7tiSxkhNBo_cb808t2COGxBsIqojR6DpTuXOIYx4kuUe4OAo544_7hnHOrESCsHS8-xY-I2Oxne_yn-cvTz1uUZg9v3KeDrdwbSBEVodAgRm0X5btHVdVHGbG3ANYkQVWzFL-029rspAW0EwC9f__Y44X1Qo1xDnZoMw3lqGpipvEx0FcsSZGUgnzrP9Zbr_Kt7oH_ZaqorN3PnIVlJC8-OZSsOCeW-ZMOXEJXYF9aNCpQjRmQryk17QRNZJHUNIgw2wMQ0uIYsCuG0zuPp2zgj3vQ1fHwxCAWeS_SVdgQo-4RbRDHjqlDybLrgfXiscXkpAaZOsFUB655v3yYWjLJ7nJ3RjtUOTfyqhhTT8I1Z9Gv-xTwBIpk5aaNz6KLANgzNEGrZ3UHrF-WcbqSkaSAm3Sfy2FNDX9tf2PJygk-P-2oj4XK2u6QFzn8QwvpVRjwRdqi2CzCGnn5l7KYfgHOhdPVwSNeBoIRrsBkACt9jsqgtz7C_dCnD1oU4Q63viSRzGsicsx03ihCxT5eJRVVBZgvxAxOtHN9A3e_ptvM1UbKNzSmKoBEL0dvq-7oeme3XFLeoabY2_iE0eACwnVhc0OuZ3odSktEY_fa877H7GP0HO4VAnyHA0Fr8UAaK4XjVVton7ItJ8T7IqzvB4xyHUWy9q-Z5fV82RJQFjWOZguktqzN6QLRqVUc3ogpRmnPPiW5sAZd9zlXi3uzas2hG6A-WKDp5Qn8j7egtGuImodAbQVXvs2BMzSbUlcRXF1Lmu9gkWVbQ5EbZ__UOdoAX9DkEG7R3oR4PsI6O67uDM2OC4chC3Wm2GPHjXyEjGJSexDelfWLrs49K-rgv0WZj5CBCEYbnzpHpXv4d6TxA1qasxT6lHjF_8rLmPCeWWnlMn6OHTfZQVIFyhJ2SdTAtOMywN2KO1crAu8JF06PMcU7T8PIuxK9tp79Jd88MM--XPcfhRUehXlnIOv1OY8Q47dUu7T87ddZMN9hHq1tXWR7Zpl1L1IB9W9oSDTeh2ZszFDfkA2rQ787L4SKNCZzz0N4oP9qBtX1pylKET1DtNonSWXWpjFXWpw3UH2i4ovPCp-ZCpOhuKdqQT0aPPZJkebdADF5dcpPpdqapdBZdzvOkY1jWuuUCGApiwoiXlZeHpLdL2oT-akeG87PRkIxP5ucV3ZH7V5ehBnv50zPznXQQ&cid=CAASPeRoGy6oE2O4B29GNBNvo33ij6OInu0INIO5xG7AvOw-qqXjVCZZ5uQDgQ9fIrIPcpYZ4T_Tr3UgS8HCsRs&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%242%2C%2Chttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-pub-6373315980741255%2526output%253Dhtml%2526h%253D90%2526slotname%253D2794737922%2526adk%253D1445061518%2526adf%253D2751418289%2526pi%253Dt.ma~as.2794737922%2526w%253D728%2526rdp%253Dfalse%2526psa%253D0%2526format%253D728x90%2526url%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526ea%253D0%2526flash%253D0%2526alternate_ad_url%253Dhttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fsrh%25252Fadx%25253FhookId%25253Dd_IL_INSEARCH%2526wgl%253D1%2526uach%253DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%2526dt%253D1641388918798%2526bpp%253D6%2526bdt%253D251%2526idt%253D153%2526shv%253Dr20211207%2526mjsv%253Dm202112060101%2526ptt%253D9%2526saldr%253Daa%2526correlator%253D3472069565444%2526frm%253D23%2526ife%253D1%2526pv%253D2%2526ga_vid%253D164916553.1641388919%2526ga_sid%253D1641388919%2526ga_hid%253D1631956608%2526ga_fc%253D0%2526nhd%253D1%2526u_tz%253D0%2526u_his%253D2%2526u_h%253D1200%2526u_w%253D1600%2526u_ah%253D1200%2526u_aw%253D1600%2526u_cd%253D24%2526u_sd%253D1%2526dmc%253D8%2526adx%253D437%2526ady%253D1112%2526biw%253D1600%2526bih%253D1200%2526isw%253D728%2526ish%253D90%2526ifk%253D2121387315%2526scr_x%253D0%2526scr_y%253D0%2526eid%253D31063752%2526oid%253D2%2526pvsid%253D1834629454140320%2526pem%253D645%2526tmod%253D697%2526loc%253DEMPTY%2526top%253Dhttps%25253A%25252F%25252Fwww.bleepingcomputer.com%25252Fnews%25252Fsecurity%25252Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%25252F%2526eae%253D2%2526fc%253D896%2526brdim%253D0%25252C0%25252C0%25252C0%25252C1600%25252C0%25252C1600%25252C1200%25252C728%25252C90%2526vis%253D1%2526rsz%253D%25257C%25257CE%25257C%2526abl%253DCS%2526pfx%253D0%2526fu%253D4%2526bc%253D31%2526ifi%253D1%2526uci%253D1.k3il0qvc8dj7%2526fsb%253D1%2526dtd%253D167%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dv-measurements1971.js
cdn.doubleverify.com/ Frame 3A36 		499 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1971.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
25ef3aec431c864ade6adfd215691bdf0a9feee7e2707342833660d7b8784f4e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:22:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 12:50:51 GMT
Server
Microsoft-IIS/10.0
ETag
"807f8b3691d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93545
pixel
cm.g.doubleclick.net/ Frame C098
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJy_pc_uFM1eUVo30OR3hFo&google_cver=1&google_push=AYg5qPLTANXn90XxrABgNl8OFWj6VFFGerR3ZvpcCENOaXjcAI8m5sU6Fd...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPLTANXn90XxrABgNl8OFWj6VFFGerR3ZvpcCENOaXjcAI8m5sU6FdgftkMqHvz_X60D4_lfu3EGymAqO1hANDPo1RyVUQ&google_hm=ikkzK9Sa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPLTANXn90XxrABgNl8OFWj6VFFGerR3ZvpcCENOaXjcAI8m5sU6FdgftkMqHvz_X60D4_lfu3EGymAqO1hANDPo1RyVUQ&google_hm=ikkzK9SaXrmKinvQL-6qCw
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPLTANXn90XxrABgNl8OFWj6VFFGerR3ZvpcCENOaXjcAI8m5sU6FdgftkMqHvz_X60D4_lfu3EGymAqO1hANDPo1RyVUQ&google_hm=ikkzK9SaXrmKinvQL-6qCw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C098
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKxTdff...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMDUxMzIxNTIyMjIwMDA4MDc4Njk5MQ%3D%3D&google_push=AYg5qPKxTdffm_u1klPra1zZKouTEH8tRsAm3mxTEUHwpnb3MztPV4c5KbGgRP57RXTnym...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMDUxMzIxNTIyMjIwMDA4MDc4Njk5MQ%3D%3D&google_push=AYg5qPKxTdffm_u1klPra1zZKouTEH8tRsAm3mxTEUHwpnb3MztPV4c5KbGgRP57RXTnym6udRFdePd7aIAeJwbCMmPoBHoXpjc
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMDUxMzIxNTIyMjIwMDA4MDc4Njk5MQ%3D%3D&google_push=AYg5qPKxTdffm_u1klPra1zZKouTEH8tRsAm3mxTEUHwpnb3MztPV4c5KbGgRP57RXTnym6udRFdePd7aIAeJwbCMmPoBHoXpjc
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 05 Jan 2022 13:22:00 GMT
pixel
cm.g.doubleclick.net/ Frame C098
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPfWJSSFyAmwyoO2isPjn60&google_cver=1&google_push=AYg5qPKU66DrR7r9OkHmLWI0n9geDvImivh0uVcbEMNrGjv_EzYf3Pot9TjBnKIWfyEGpherB9nuOga09ii5eQaEqWLIorVBVz0
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPfWJSSFyAmwyoO2isPjn60&google_cver=1&google_push=AYg5qPKU66DrR7r9OkHmLWI0n9geDvImivh0uVcbEMNrGjv_EzYf3Pot9TjBnKIWfyEGpherB9nuOga09ii5eQaEqWLIorVBVz0&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU66DrR7r9OkHmLWI0n9geDvImivh0uVcbEMNrGjv_EzYf3Pot9TjBnKIWfyEGpherB9nuOga09ii5eQaEqWLIorVBVz0&google_hm=BDGIHVMsyX0F3-o4DGGBkw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU66DrR7r9OkHmLWI0n9geDvImivh0uVcbEMNrGjv_EzYf3Pot9TjBnKIWfyEGpherB9nuOga09ii5eQaEqWLIorVBVz0&google_hm=BDGIHVMsyX0F3-o4DGGBkw==
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:21:59 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU66DrR7r9OkHmLWI0n9geDvImivh0uVcbEMNrGjv_EzYf3Pot9TjBnKIWfyEGpherB9nuOga09ii5eQaEqWLIorVBVz0&google_hm=BDGIHVMsyX0F3-o4DGGBkw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
1r6r1blcf07p9v1igkk1ftvb34n31678
pixel
cm.g.doubleclick.net/ Frame C098
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VGIVJ-KvSLOaIBbffpn4GQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VGIVJ-KvSLOaIBbffpn4GQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ4B2FotaiidU5VEurUzFkCJ9EbjF_cAhB5Z80OSPz2EA3CDiUot2bagkJsRLZqMq7hRH5OFQRjsFdzMJKgGj9-sSUMuA
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VGIVJ-KvSLOaIBbffpn4GQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ4B2FotaiidU5VEurUzFkCJ9EbjF_cAhB5Z80OSPz2EA3CDiUot2bagkJsRLZqMq7hRH5OFQRjsFdzMJKgGj9-sSUMuA
date
Wed, 05 Jan 2022 13:21:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C098
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHax30DH3nzKA7R8EdpaHus&google_cver=1&google_push=AYg5qPKVRMt_AzAzjWR1U6AROyuP95XtjAel0CavX-ooMQAGndkh3pIMrlHw6FeHwZZ-DqdmFQb...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxS0tWR1MtMS1ENTJR&google_push=AYg5qPKVRMt_AzAzjWR1U6AROyuP95XtjAel0CavX-ooMQAGndkh3pIMrlHw6FeHwZZ-DqdmFQbPl8JWSOL9rymNr6RPMTxp-MQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxS0tWR1MtMS1ENTJR&google_push=AYg5qPKVRMt_AzAzjWR1U6AROyuP95XtjAel0CavX-ooMQAGndkh3pIMrlHw6FeHwZZ-DqdmFQbPl8JWSOL9rymNr6RPMTxp-MQ
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1kxS0tWR1MtMS1ENTJR&google_push=AYg5qPKVRMt_AzAzjWR1U6AROyuP95XtjAel0CavX-ooMQAGndkh3pIMrlHw6FeHwZZ-DqdmFQbPl8JWSOL9rymNr6RPMTxp-MQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
Expires
0
pixel
cm.g.doubleclick.net/ Frame C098
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjA...
0
0
pixel
cm.g.doubleclick.net/ Frame C098
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEE1g9ZfmEq9XiX4pSdlXlD8&google_cver=1&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c67...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame C098 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXvBLfwuHeXG4d2qWTmrdht8s44f3a3Gt28cxd241YpR0YlH6TKINHnPKHJAxV_Znjfq0J
Requested by
Host: 386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
URL: https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
syncnoad
partners.tremorhub.com/ Frame 657E 		838 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=beachfront%2Cindexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
99c3d68ecc45ad44eae051f3032a36c470ebdbb1641ea2051886a785775fd479

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		906 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=indexexchange%2CRadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8ec6608975685661f534d4e1b6618252a85773ad081a5c0cb09514383b91dab1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
createjs.min.js
code.createjs.com/1.0.0/ Frame 15C9 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:13::17d7:8222 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:37:00 GMT
adc_RET_makemoney_728x90_HTML5.js
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/ Frame 15C9 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c9750908a03d795133b57791444f81f933ab878656d5aa063acce0248a467f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 16:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75658
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4772
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Jan 2023 16:21:02 GMT
visit.js
tps.doubleverify.com/ Frame 3A36 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=288&ttfrms=8&brid=3&brver=96.0.4664.93&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTaubge643f_be25223gbeff7h%602a%60_a36ae%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTauDJ%3F%40%3D%408J%5CH2C%3FD%5C%407%5C%3E2%3DH2C6%5C%3A%3F764E%3A%3F8%5C%3F2D%5C56G%3A46D%5CH%3AE9%5CC2%3FD%40%3EH2C6Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=3703&ddur=51&uid=1641388920452328&jsCallback=dvCallback_1641388920452968&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1971&tgjsver=1971&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=26&brh=2&sdf=2&dvp_epl=462&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=159933955&btreg=512638494&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=2603146265.847512&dvp_tukv=110586912418.10954&dvp_uuid=497576092839.1613&dvp_strhd=0.5999984741210938&dvpx_strhd=0.5999984741210938&dvp_tuid=640153163163
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
3f6a52d7dee73eec2cbbbebfba709ff882732bcf58cb5e01575ceb2499713adf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:00 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
01/04/2022 13:22:00
syncnoad
partners.tremorhub.com/ Frame 657E 		810 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=RadiumOne%2Cadform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9b0e73f508e6a2d4074048e8bb4a46b73b693da437c2102cec203f089b237bf9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
adcouncil.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/adcouncil.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44bef6588cb70325f61b7dbdf85b3a70d362171f219077705a08789e1539de9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 16:07:52 GMT
x-content-type-options
nosniff
age
76448
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2159
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Jan 2023 16:07:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EA6E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuf58GHBkkGyEBQTrBm5zqvsssoCSGYvL9zUHDJ3XpBn_eLtfddTPh9Ice3VXIKzmHlatj5Q25HPpekuPurug0tmSWzkIzublLQZEQnVve9CVbNb81fl-mys5dNr2mTusIHTiUcDnCxM44w-KDKpqZBKSJDGJmAmg&sig=Cg0ArKJSzHL8m3u4PNWbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1201&vt=11&dtpt=1000&dett=3&cstd=194&cisv=r20211207.76981&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
syncnoad
partners.tremorhub.com/ Frame 657E 		818 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=adform%2Cblis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ee7ff1eed3f7840715dce0305f26e798cafe4cbc518fc3d7d39f307ce6d6ca09

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
id
id.crwdcntrl.net/ 		154 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.153.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-153-177.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1ed431fc0e25f957818879c767174563e10db3a70016c493655f202350b924da

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
x-server
10.40.37.166
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
id
id.sharedid.org/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.145.70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-145-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
rid
match.adsrvr.org/track/ 		108 B
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
546455ba4a8a9b9d964093af8aafc7db58e88b8c1d16a227097e581bb9ae8835

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 04 Feb 2022 13:22:00 GMT
index.html
cdn.districtm.io/ids/ Frame FCA2 		116 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
text/html
cf-ray
6c8d0351fe1feaeb-ATL
age
24761
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 353760c441dc8d01e037336279926a5f.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
EukmmSX1STZypX6FmciNIXlSr6ZBgipRUDD08vzipVcc08NE8kr4mg==
x-amz-cf-pop
ATL51-C1
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
async_usersync.html
acdn.adnxs.com/dmp/ Frame D47E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 29 Dec 2021 02:32:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 05 Jan 2022 13:22:00 GMT
Age
38974
X-Served-By
cache-lga21948-LGA, cache-fty21322-FTY
X-Cache
HIT, HIT
X-Cache-Hits
1, 86617
X-Timer
S1641388921.691349,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C57D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=107015
expires
Thu, 06 Jan 2022 19:05:35 GMT
date
Wed, 05 Jan 2022 13:22:00 GMT
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame A6C7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0ac5d54801ae5c831df34e94dd9eb2a781ba82afe6f5e22f23f6a24f1012494e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
text/html; charset=utf-8
content-length
461
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
usync.html
eus.rubiconproject.com/ Frame DC00 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Jan 2022 13:22:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2A97 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 05 Jan 2022 13:22:00 GMT
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame E390 		116 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
text/html
cf-ray
6c8d0351fe20eaeb-ATL
age
24761
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 330536604823d44e02dcc57f15f8ed90.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
hzjtAOyLZb1jrsEWcWs2nR7RwdHTb0xbjslwNg74X-L65njJnDTLeg==
x-amz-cf-pop
ATL51-C1
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
/
de.tynt.com/deb/ Frame 2245
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4a268d494ea424903f16a6ff64c9e0ddc35ddb97eb8275f8b948810eb4e9dc96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
1614
date
Wed, 05 Jan 2022 13:22:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Wed, 05 Jan 2022 13:22:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pd
u.openx.net/w/1.0/ Frame D13B 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame E5F1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 05 Jan 2022 13:22:00 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0FD4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 29 Dec 2021 02:32:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 05 Jan 2022 13:22:00 GMT
Age
38974
X-Served-By
cache-lga21948-LGA, cache-fty21367-FTY
X-Cache
HIT, HIT
X-Cache-Hits
1, 37845
X-Timer
S1641388921.691860,VS0,VE0
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 7C97 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0ac5d54801ae5c831df34e94dd9eb2a781ba82afe6f5e22f23f6a24f1012494e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
text/html; charset=utf-8
content-length
461
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
pd
u.openx.net/w/1.0/ Frame DB51 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Wed, 05 Jan 2022 13:22:00 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
checksync.php
contextual.media.net/ Frame DD90 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
90bdfdc8a8be5e5ea522cebea1fd344b609feee857e824994a5af18de3949fb7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 07 Jan 2022 13:22:00 GMT
date
Wed, 05 Jan 2022 13:22:00 GMT
content-length
11144
checksync.php
contextual.media.net/ Frame 3A3C 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
90bdfdc8a8be5e5ea522cebea1fd344b609feee857e824994a5af18de3949fb7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 07 Jan 2022 13:22:00 GMT
date
Wed, 05 Jan 2022 13:22:00 GMT
content-length
11144
showad.js
ads.pubmatic.com/AdServer/js/ Frame 302B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=107015
expires
Thu, 06 Jan 2022 19:05:35 GMT
date
Wed, 05 Jan 2022 13:22:00 GMT
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame EEBF 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Date
Wed, 05 Jan 2022 13:22:00 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
kKVkxUDMZklIZJhRhK6X8sHGLefoiciLqAdNweQ+hODUDHerC7/vuSsloM5ZVNqB2tIYreKLFpg=
x-amz-request-id
3E1F86YJ0JHTJ8FC
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2639
Expires
Wed, 05 Jan 2022 13:23:00 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6c8d03529d09f1ba-ATL
Content-Encoding
gzip
ADMX
c.deployads.com/cs/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fc.deployads.com%2Fcs%2FADMX%3Fb%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F66%3FA%3Dbad2d675-583e-4f34-8d55-5407c9257c79%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253...
  • https://prebid.a-mo.net/cchain/0/66?A=bad2d675-583e-4f34-8d55-5407c9257c79&bidder=appnexus&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=6285311477415990070
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F66%3FA%3Dbad2d675-583e-4f34-8d55-5407c9257c79%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jLmRlcG...
  • https://prebid.a-mo.net/cchain/1/66?A=bad2d675-583e-4f34-8d55-5407c9257c79&bidder=pubmatic&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=54621527-E2AF-48B3-9A20-16DF7E99F819
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F66%3FA%3Dbad2d675-583e-4f34-8d55-5407c9257c79%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jLmR...
  • https://prebid.a-mo.net/cchain/3/66?A=bad2d675-583e-4f34-8d55-5407c9257c79&bidder=sovrn&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ==&uid=d090700eca65dcfca356b80d
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F66%3FA%3Dbad2d675-583e-4f34-8d55-5407c9257c79%26bidder%3Dindex_...
  • https://prebid.a-mo.net/cchain/4/66?A=bad2d675-583e-4f34-8d55-5407c9257c79&bidder=index_rtb&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=YdWbcBgovym-M.HPZmH3eQAA%26946
  • https://c.deployads.com/cs/ADMX?b=bad2d675-583e-4f34-8d55-5407c9257c79
43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/ADMX?b=bad2d675-583e-4f34-8d55-5407c9257c79
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://c.deployads.com/cs/ADMX?b=bad2d675-583e-4f34-8d55-5407c9257c79
date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
content-length
0
VRZN
c.deployads.com/cs/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58423/occ
  • https://c.deployads.com/cs/VRZN?b=y-xQEQs1dE2uHNKScFiISndcP6LoY0S5B3egXwtWw-~A
43 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/VRZN?b=y-xQEQs1dE2uHNKScFiISndcP6LoY0S5B3egXwtWw-~A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://c.deployads.com/cs/VRZN?b=y-xQEQs1dE2uHNKScFiISndcP6LoY0S5B3egXwtWw-~A
date
Wed, 05 Jan 2022 13:22:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cent
c.deployads.com/cs/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99
  • https://c.deployads.com/cs/cent?b=no-consent&gdpr=1&gdpr_consent=
43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/cent?b=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://c.deployads.com/cs/cent?b=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemed...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d7b7191d-d622-41e5-95b6-2af052de3db6%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Dthem...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1a63fcc3-1a56-4f35-8bf5-da845493f467&ttd_puid=d7b7191d-d622-41e5-95b6-2af052de3db6%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
XNDR
c.deployads.com/cs/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c.deployads.com/cs/XNDR?b=$UID
  • https://c.deployads.com/cs/XNDR?b=6285311477415990070
43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/XNDR?b=6285311477415990070
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:00 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 582.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
26ea773e-9af5-46ac-a04c-1b07a0b48c68
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://c.deployads.com/cs/XNDR?b=6285311477415990070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bswt
c.deployads.com/cs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sortable
  • https://ums.acuityplatform.com/bum?tpid=29&uid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&bidswitch_ssp_id=sortable
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=637414288351&expires=30&user_group=1&ssp=sortable
  • https://c.deployads.com/cs/bswt?b=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&i=
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/bswt?b=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&i=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//c.deployads.com/cs/bswt?b=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&i=
Date
Wed, 05 Jan 2022 13:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
adcouncil.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/adcouncil.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44bef6588cb70325f61b7dbdf85b3a70d362171f219077705a08789e1539de9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 16:07:52 GMT
x-content-type-options
nosniff
age
76448
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2159
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Jan 2023 16:07:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2D5A 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLIET7SPr7gbDGOmusdtndyfgi3G7a_HvesgEIaMvyry1hsAZKcsCRWKJHNuUFLdUkQ_Y2ZG2rkP7U0U_xE0E2Ddfd7VcJI0KrjwFee4cASepz9opW8qn2N0mi7nmptlr2AIDOXXw7f17dmyBcuNUgJgMswqOyeQ&sig=Cg0ArKJSzNfR6gGCmggKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=974&vt=11&dtpt=713&dett=3&cstd=249&cisv=r20211207.74069&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
syncnoad
partners.tremorhub.com/ Frame 657E 		802 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=blis%2Cmadhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
86d2710b74cb980134f029c623ba6b0a8b111d7e09f6dd1e99c0632713328f88

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
bg.jpg
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/bg.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e07991dea3dc6bdff2d03f9b0a0a699d33ccc9b3490ba1ba324809f60498869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 04:53:15 GMT
x-content-type-options
nosniff
age
30525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26511
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 04:53:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A103 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6373315980741255&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05689b44de95e9e630f786e99c1f9cd704143e7dfb9352d3d84c31336577033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8456
x-xss-protection
0
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 33BB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
25601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:15:19 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		801 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=madhive%2Cemx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fd8b82604e602cc8ed7ff9da84542bad57b419ed634ccf0ee9dab358eb84f114

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame F18A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:06 GMT
bg.jpg
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/bg.jpg
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e07991dea3dc6bdff2d03f9b0a0a699d33ccc9b3490ba1ba324809f60498869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 04:53:15 GMT
x-content-type-options
nosniff
age
30525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26511
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 04:53:15 GMT
xuid
eb2.3lift.com/ Frame A6C7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1a63fcc3-1a56-4f35-8bf5-da845493f467&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=1a63fcc3-1a56-4f35-8bf5-da845493f467&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=1a63fcc3-1a56-4f35-8bf5-da845493f467&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=o4LdyAb4p&dongle=u6nf
eb2.3lift.com/ Frame A6C7
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=o4LdyAb4p&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=o4LdyAb4p&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=o4LdyAb4p&dongle=u6nf
date
Wed, 05 Jan 2022 13:22:00 GMT
via
1.1 google
alt-svc
clear
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame A6C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED-uc94tLQ_eiYwQKacS5Ys&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED-uc94tLQ_eiYwQKacS5Ys&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED-uc94tLQ_eiYwQKacS5Ys&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6C7
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI3MjQxMzQ4NjMxNjYzNTk1MzQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI3MjQxMzQ4NjMxNjYzNTk1MzQ%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI3MjQxMzQ4NjMxNjYzNTk1MzQ%3D
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame A6C7
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12724134863166359534&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12724134863166359534&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1&_expected_cookie=9ce9f5c...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1&_expected_cookie=9ce9f5c7e823416b4e442ee6ca43db30
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c8d0357eb15187b-ATL
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1&_expected_cookie=9ce9f5c7e823416b4e442ee6ca43db30
date
Wed, 05 Jan 2022 13:22:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6c8d035729e6187b-ATL
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame A6C7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12724134863166359534?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-YHMsYyNE2oT6LDHvoljWjS6JDBa4liLJlWfYbfcAdQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YHMsYyNE2oT6LDHvoljWjS6JDBa4liLJlWfYbfcAdQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 05 Jan 2022 13:22:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YHMsYyNE2oT6LDHvoljWjS6JDBa4liLJlWfYbfcAdQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame A6C7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=12724134863166359534&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=28139247-0eff-4704-8ee0-cb3e5e3591f0
  • https://eb2.3lift.com/xuid?mid=2409&xuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 05 Jan 2022 13:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame A6C7 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=12724134863166359534&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
etag
"4fbbfa5769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F5BBA09D7E4745468C3E436AB0A3C60E Ref B: ATL331000103019 Ref C: 2022-01-05T13:22:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame A6C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=12724134863166359534
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame A6C7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJLE2WSGJF4DM...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZVMZFIx65tcLnTTmmiuI
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZVMZFIx65tcLnTTmmiuI
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZVMZFIx65tcLnTTmmiuI
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame DC00 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d5de6a492eec0c85725a0fb6a14dfb084d255c5915b03df9360f91d7630f3c1e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:22:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81249
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 06 Jan 2022 11:56:09 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame FCA2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
37804
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6c8d0353b827eaeb-ATL
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Fri, 07 Jan 2022 13:22:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame E390 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
37804
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6c8d0353b829eaeb-ATL
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Fri, 07 Jan 2022 13:22:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A103 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6373315980741255&plah=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:22:01 GMT
body.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/body.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19735679a60e0e3790f69284caeac1f00c80ca8ad3a29d42ab53e0eba50e18b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 21:20:58 GMT
x-content-type-options
nosniff
age
489662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3359
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Dec 2022 21:20:58 GMT
xuid
eb2.3lift.com/ Frame 7C97
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1a63fcc3-1a56-4f35-8bf5-da845493f467&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=1a63fcc3-1a56-4f35-8bf5-da845493f467&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=1a63fcc3-1a56-4f35-8bf5-da845493f467&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=MfRdyeb4M&dongle=u6nf
eb2.3lift.com/ Frame 7C97
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=MfRdyeb4M&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=MfRdyeb4M&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=MfRdyeb4M&dongle=u6nf
date
Wed, 05 Jan 2022 13:22:00 GMT
via
1.1 google
alt-svc
clear
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 7C97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED-uc94tLQ_eiYwQKacS5Ys&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED-uc94tLQ_eiYwQKacS5Ys&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED-uc94tLQ_eiYwQKacS5Ys&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C97
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI3MjQxMzQ4NjMxNjYzNTk1MzQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI3MjQxMzQ4NjMxNjYzNTk1MzQ%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI3MjQxMzQ4NjMxNjYzNTk1MzQ%3D
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 7C97
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12724134863166359534&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=12724134863166359534&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1&_expected_cookie=c744e51...
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1&_expected_cookie=c744e516cb6009e7802e472b267fa58f
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c8d0357fb26187b-ATL
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f1294d9e-5a48-4d54-8a2a-7aeccc817f64&_noobservation=1&_expected_cookie=c744e516cb6009e7802e472b267fa58f
date
Wed, 05 Jan 2022 13:22:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6c8d035729e9187b-ATL
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 7C97
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12724134863166359534?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-YHMsYyNE2oT6LDHvoljWjS6JDBa4liLJlWfYbfcAdQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YHMsYyNE2oT6LDHvoljWjS6JDBa4liLJlWfYbfcAdQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 05 Jan 2022 13:22:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YHMsYyNE2oT6LDHvoljWjS6JDBa4liLJlWfYbfcAdQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
odr.mookie1.com/t/v2/ Frame 7C97
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=12724134863166359534&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&ssp=triplelift&gdpr=0&gdpr_consent=
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&ssp=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.90.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&ssp=triplelift&gdpr=0&gdpr_consent=
Date
Wed, 05 Jan 2022 13:22:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 7C97 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=12724134863166359534&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
etag
"4fbbfa5769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 386118FA313E44B7AF4F00206DBB3123 Ref B: ATL331000103019 Ref C: 2022-01-05T13:22:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 7C97 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=12724134863166359534
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 7C97
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJLE2WSGJF4DM...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZVMZFIx65tcLnTTmmiuI
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZVMZFIx65tcLnTTmmiuI
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZVMZFIx65tcLnTTmmiuI
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		823 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=emx%2Cexponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cc60e516f0baf18842a5af7bcc2a954216b5e7f920d8236aa883bbd55e873969

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame DFC1 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2f26d38308c9438a148fb824c0f7ee39568eeb997f85d6148bb34453760583fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|88|81|130|111|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1503
Expires
Wed, 05 Jan 2022 13:22:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:00 GMT
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame D47E 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
caed41ec-c7a3-4370-8568-3a2217225fbc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0FD4 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
1d64c8b7-819c-419f-9213-f4b12375461e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
usermatch
ssum-sec.casalemedia.com/ Frame 52C7 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbbe1e1a1dbd10f743ac10627c5bcd412587c8f3694e043ffc1b42a0bfddcdb8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
4|3|90|64|46|73|191|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1507
Expires
Wed, 05 Jan 2022 13:22:01 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Connection
keep-alive
syncnoad
partners.tremorhub.com/ Frame 657E 		880 B
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=exponential%2Cadelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
633a54ca5234c3c99e76501033ad4b7cb9f3f53db5d477030c01c3de0a24e31a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
body.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/body.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19735679a60e0e3790f69284caeac1f00c80ca8ad3a29d42ab53e0eba50e18b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 21:20:58 GMT
x-content-type-options
nosniff
age
489663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3359
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Dec 2022 21:20:58 GMT
pubcid.php
hbx.media.net/ Frame DD90 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:52:01 GMT
sync
gum.criteo.com/ Frame DD90 		61 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1587
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
cksync.html
contextual.media.net/ Frame 0DBF
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Drkt%26refUrl%3D%26vid%3D138892108928439052007593870...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889210892843905200759387000V10&ovsid=970033152809871230
219 B
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889210892843905200759387000V10&ovsid=970033152809871230
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889210892843905200759387000V10&ovsid=970033152809871230
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame DD90
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dcon%26refUrl...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=con&refUrl=&vid=13889210892843905200759387000V10&ovsid=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321
45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=con&refUrl=&vid=13889210892843905200759387000V10&ovsid=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=con&refUrl=&vid=13889210892843905200759387000V10&ovsid=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame DD90
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dmma%26refUrl%3D%26vid%3D138892108928439052007593...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=mma&refUrl=&vid=13889210892843905200759387000V10&ovsid=050e61d5-9b71-4f00-a1bc-dfd497875439
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=mma&refUrl=&vid=13889210892843905200759387000V10&ovsid=050e61d5-9b71-4f00-a1bc-dfd497875439
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
MT3 4133 baa842e master iad-pixel-x23 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=mma&refUrl=&vid=13889210892843905200759387000V10&ovsid=050e61d5-9b71-4f00-a1bc-dfd497875439
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:22:00 GMT
cksync
cs.media.net/ Frame DD90
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg0MzkwNTIwMDc1OTM4NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEO7uJL7ufU3ctXkagfSuLMY&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEO7uJL7ufU3ctXkagfSuLMY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEO7uJL7ufU3ctXkagfSuLMY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DD90
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13889210892843905200759...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=dxu&refUrl=&vid=13889210892843905200759387000V10&ovsid=GI2D34ul1N56eJ5
45 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=dxu&refUrl=&vid=13889210892843905200759387000V10&ovsid=GI2D34ul1N56eJ5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:00 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-06db6b137b70b9586@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=dxu&refUrl=&vid=13889210892843905200759387000V10&ovsid=GI2D34ul1N56eJ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DD90
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b3997a5-1350-4274-9e08-6401d6d1d77f
45 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b3997a5-1350-4274-9e08-6401d6d1d77f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b3997a5-1350-4274-9e08-6401d6d1d77f
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1873169
content-length
0
expires
Wed, 05 Jan 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DD90
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e5134c6aa1984914bc5ed8c0b8f61662&ssp=medianet&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=0&consent=&gdpr_pd=1&expires=7
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=0&gdpr_consent=&gdpr_pd=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=0&gdpr_consent=&gdpr_pd=1
Date
Wed, 05 Jan 2022 13:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame DD90
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dzem%26refUrl%3D%26vid%3D13889210892843905200759387...
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2KZGVURSJPA3DK5DDJRXFIVDNNVUXK...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZVMZFIx65tcLnTTmmiuI&refUrl=&type=zem&vid=13889210892843905200759387000V10&vsid=2843905200759387000V10
45 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=ZVMZFIx65tcLnTTmmiuI&refUrl=&type=zem&vid=13889210892843905200759387000V10&vsid=2843905200759387000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=ZVMZFIx65tcLnTTmmiuI&refUrl=&type=zem&vid=13889210892843905200759387000V10&vsid=2843905200759387000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame DD90
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2843905200759387000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2843905200759387000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=26f02966-ffaf-4b08-8d02-568e71150140&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=26f02966-ffaf-4b08-8d02-568e71150140&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=26f02966-ffaf-4b08-8d02-568e71150140&cs=1
date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame DD90 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame DD90
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1a63fcc3-1a56-4f35-8bf5-da845493f467
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1a63fcc3-1a56-4f35-8bf5-da845493f467
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync.php
contextual.media.net/ Frame DD90
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Damb%26refUrl%3D%26vid%3D13889210892843905200759387000V10%26ov...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=amb&refUrl=&vid=13889210892843905200759387000V10&ovsid=3747225568690969523
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=amb&refUrl=&vid=13889210892843905200759387000V10&ovsid=3747225568690969523
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=amb&refUrl=&vid=13889210892843905200759387000V10&ovsid=3747225568690969523
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pubcid.php
hbx.media.net/ Frame 3A3C 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:52:01 GMT
sync
gum.criteo.com/ Frame 3A3C 		61 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1512
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
cksync
cs.media.net/ Frame 3A3C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg0MzkwNTIwMDc1OTM4NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEO7uJL7ufU3ctXkagfSuLMY&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEO7uJL7ufU3ctXkagfSuLMY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEO7uJL7ufU3ctXkagfSuLMY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 3D45
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Drkt%26refUrl%3D%26vid%3D138892114828439052007593870...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889211482843905200759387000V10&ovsid=979321822310490180
219 B
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889211482843905200759387000V10&ovsid=979321822310490180
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2843905200759387000V10&type=rkt&refUrl=&vid=13889211482843905200759387000V10&ovsid=979321822310490180
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 3A3C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b3997a5-1350-4274-9e08-6401d6d1d77f
45 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b3997a5-1350-4274-9e08-6401d6d1d77f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b3997a5-1350-4274-9e08-6401d6d1d77f
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1793163
content-length
0
expires
Wed, 05 Jan 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3A3C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=66152e53-073d-4957-a80b-bcc1df3acdd5&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 05 Jan 2022 13:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 3A3C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2843905200759387000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2843905200759387000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=26f02966-ffaf-4b08-8d02-568e71150140&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=26f02966-ffaf-4b08-8d02-568e71150140&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=26f02966-ffaf-4b08-8d02-568e71150140&cs=1
date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 3A3C 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 3A3C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1a63fcc3-1a56-4f35-8bf5-da845493f467
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1a63fcc3-1a56-4f35-8bf5-da845493f467
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync.php
contextual.media.net/ Frame 3A3C
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dcon%26refUrl...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=con&refUrl=&vid=13889211482843905200759387000V10&ovsid=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321
45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=con&refUrl=&vid=13889211482843905200759387000V10&ovsid=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=con&refUrl=&vid=13889211482843905200759387000V10&ovsid=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 3A3C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dmma%26refUrl%3D%26vid%3D138892114828439052007593...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=mma&refUrl=&vid=13889211482843905200759387000V10&ovsid=050e61d5-9b71-4f00-a1bc-dfd497875439
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=mma&refUrl=&vid=13889211482843905200759387000V10&ovsid=050e61d5-9b71-4f00-a1bc-dfd497875439
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
MT3 4133 baa842e master iad-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=mma&refUrl=&vid=13889211482843905200759387000V10&ovsid=050e61d5-9b71-4f00-a1bc-dfd497875439
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:22:00 GMT
cksync.php
contextual.media.net/ Frame 3A3C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13889211482843905200759...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=dxu&refUrl=&vid=13889211482843905200759387000V10&ovsid=GI2D34ul1N56eJ5
45 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=dxu&refUrl=&vid=13889211482843905200759387000V10&ovsid=GI2D34ul1N56eJ5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:00 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-06db6b137b70b9586@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=dxu&refUrl=&vid=13889211482843905200759387000V10&ovsid=GI2D34ul1N56eJ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3A3C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Dzem%26refUrl%3D%26vid%3D13889211482843905200759387...
  • https://stags.bluekai.com/site/23178?id=ZVMZFIx65tcLnTTmmiuI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2KZGVURSJPA3DK5DDJRXFIVDNNVUXK...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZVMZFIx65tcLnTTmmiuI&refUrl=&type=zem&vid=13889211482843905200759387000V10&vsid=2843905200759387000V10
45 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=ZVMZFIx65tcLnTTmmiuI&refUrl=&type=zem&vid=13889211482843905200759387000V10&vsid=2843905200759387000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=ZVMZFIx65tcLnTTmmiuI&refUrl=&type=zem&vid=13889211482843905200759387000V10&vsid=2843905200759387000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 3A3C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2843905200759387000V10%26type%3Damb%26refUrl%3D%26vid%3D13889211482843905200759387000V10%26ov...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=amb&refUrl=&vid=13889211482843905200759387000V10&ovsid=3747225568690969523
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=amb&refUrl=&vid=13889211482843905200759387000V10&ovsid=3747225568690969523
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 Jan 2022 13:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=2843905200759387000V10&type=amb&refUrl=&vid=13889211482843905200759387000V10&ovsid=3747225568690969523
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
buyers
dmx.districtm.io/s/v1/ Frame FCA2 		537 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5706dedad17a5f82cf7dd81230bc64e3ae762f4d1ef72a138d40ea9201897c4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c8d03557a91eaeb-ATL
access-control-allow-headers
Origin, Content-Type
buyers
dmx.districtm.io/s/v1/ Frame E390 		503 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79783072b9b43fbbfbf4d2af23f382cab1ed06c91d905b3718cf3ad7487b9e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c8d03557a96eaeb-ATL
access-control-allow-headers
Origin, Content-Type
cta.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/cta.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75e190489d7a48a86fa7bb93f67abedb315d197679154f0ceedfbe21205a964f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 01:30:45 GMT
x-content-type-options
nosniff
age
474676
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1686
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Dec 2022 01:30:45 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		831 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=adelphic%2Cadtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e774a4ba8949ba61584f7ac3fd9d0d8c2b8fc2a7d72841006a56e2ab4ab00091

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 646B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswrio_Yd5uQX-NuoqCnJoT4qkqwvKaGbHwSVr26uYNslt2dg1AsqnQ-_rk9upeYNr2V6ch4mTV4rtZeOw9lbAPQ1b2fBxy9-lvf4ULBxIdPay5_y7DEQ&sai=AMfl-YRsqiWlyw4rTrdfGwcGwyXsbXZvsW-htMW7JYpbwz6YV--Pv_l7bkoENEk-UMAbfZHtakcROkJMUYVAN4fpJLXhmHYthLr0318&sig=Cg0ArKJSzGWBU1dVsARTEAE&cid=CAASPeRoGy6oE2O4B29GNBNvo33ij6OInu0INIO5xG7AvOw-qqXjVCZZ5uQDgQ9fIrIPcpYZ4T_Tr3UgS8HCsRs&id=lidar2&mcvt=1127&p=0,0,94,728&mtos=0,1127,1127,1127,1127&tos=0,1127,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&app=0&itpl=20&adk=1445061518&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641388918966&rpt=1171&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
978477403571465463
dmx.districtm.io/s/10056/ Frame FCA2
Redirect Chain
  • https://p.rfihub.com/cm?pub=36496&in=1
  • https://dmx.districtm.io/s/10056/978477403571465463
74 B
161 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10056/978477403571465463
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
501ac7ead0cb00ad4bffc4a7ca026646d52573573e8d9b048f1ae8ef4917e487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 05 Jan 2022 13:22:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6c8d03574d48eaeb-ATL

Redirect headers

Location
https://dmx.districtm.io/s/10056/978477403571465463
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
dmx.districtm.io/s/10059/ Frame FCA2
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
92 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd07359438a34a6db7cff6fd74c31f9c84076f56d28219d033502ba85b3bbc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 05 Jan 2022 13:22:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6c8d0358cf42eaeb-ATL

Redirect headers

location
https://dmx.districtm.io/s/10059/d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
date
Wed, 05 Jan 2022 13:22:01 GMT
content-length
0
KQKdcIfLbyHtykh5fBEH
dmx.districtm.io/s/10027/ Frame FCA2
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=districtm
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1
  • https://dmx.districtm.io/s/10027/KQKdcIfLbyHtykh5fBEH?pi=districtm&tc=1
76 B
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10027/KQKdcIfLbyHtykh5fBEH?pi=districtm&tc=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2746b817d20ad9ff1f30ce7fbdbc997444cbdac8b6d915a26c4420722c13fb2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 05 Jan 2022 13:22:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6c8d03581e51eaeb-ATL

Redirect headers

location
https://dmx.districtm.io/s/10027/KQKdcIfLbyHtykh5fBEH?pi=districtm&tc=1
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT, Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321&nuid=23HRFQm3Pk1kRlolRXxgQy9zAG4
dmx.us-east-32.districtm.io/s/10007/ Frame FCA2
Redirect Chain
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=23HRFQm3Pk1kRlolRXxgQy9zAG4&rurl=//dmx.us-east-32.districtm.io/s/10007/
  • https://dmx.us-east-32.districtm.io/s/10007/AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321&nuid=23HRFQm3Pk1kRlolRXxgQy9zAG4
138 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-32.districtm.io/s/10007/AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321&nuid=23HRFQm3Pk1kRlolRXxgQy9zAG4
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
34.75.235.219 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
219.235.75.34.bc.googleusercontent.com
Software
/
Resource Hash
27bdc62c0910fb8b0c1773f2d61be6b2f7f38c257e905b346e64bf1c6166a3af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-length
138
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
//dmx.us-east-32.districtm.io/s/10007/AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321&nuid=23HRFQm3Pk1kRlolRXxgQy9zAG4
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
20a5fbc5-73de-4467-b1a9-6b8c62cfc742
dmx.districtm.io/s/10009/ Frame FCA2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=23HRFQm3Pk1kRlolRXxgQy9zAG4
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=districtm&user_id=WUPPXQ8rzB-m1O0k4tcK0
  • https://dmx.districtm.io/s/10009/20a5fbc5-73de-4467-b1a9-6b8c62cfc742
92 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10009/20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebf42a14c7967370bae13dd7203bc346365de172113d310f77e21ec52a17efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 05 Jan 2022 13:22:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6c8d0358df49eaeb-ATL

Redirect headers

Location
//dmx.districtm.io/s/10009/20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Date
Wed, 05 Jan 2022 13:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
YdWbcQADT-oI8wAm
dmx.us-east-31.districtm.io/s/10016/ Frame E390
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D
  • https://dmx.us-east-31.districtm.io/s/10016/YdWbcQADT-oI8wAm
72 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-31.districtm.io/s/10016/YdWbcQADT-oI8wAm
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
34.75.117.5 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
5.117.75.34.bc.googleusercontent.com
Software
/
Resource Hash
14e59766e4d658c4e2cd87ac241c65a2c0d7b259e72ef85793bcb7e1d8d7ded7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-length
72
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641388921.362366,VS0,VE0
x-served-by
cache-atl18459-ATL
x-cache
HIT
location
https://dmx.us-east-31.districtm.io/s/10016/YdWbcQADT-oI8wAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
20a5fbc5-73de-4467-b1a9-6b8c62cfc742
dmx.districtm.io/s/10009/ Frame E390
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=23HRFNwZsG4HiDMgLVFD3KLARvz
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=districtm&user_id=_W1jxAXozT2YrnxOrwiV0
  • https://dmx.districtm.io/s/10009/20a5fbc5-73de-4467-b1a9-6b8c62cfc742
92 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10009/20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebf42a14c7967370bae13dd7203bc346365de172113d310f77e21ec52a17efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 05 Jan 2022 13:22:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6c8d0358ef65eaeb-ATL

Redirect headers

Location
//dmx.districtm.io/s/10009/20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Date
Wed, 05 Jan 2022 13:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
no-consent
dmx.districtm.io/s/10001/ Frame E390
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://dmx.districtm.io/s/10001/no-consent
66 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/no-consent
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2950e438bf51151ffedb7db588ff4bb77855a48daf2793c204fb8c89f1a3ae68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 05 Jan 2022 13:22:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6c8d03574d3eeaeb-ATL

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
dmx.districtm.io/s/10059/ Frame E390
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
92 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd07359438a34a6db7cff6fd74c31f9c84076f56d28219d033502ba85b3bbc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 05 Jan 2022 13:22:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6c8d0358cf3deaeb-ATL

Redirect headers

location
https://dmx.districtm.io/s/10059/d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
date
Wed, 05 Jan 2022 13:22:01 GMT
content-length
0
y-GE9rzUpE2uEtnkCnxzUKn0umsheCUL1qa1f4xxw-~A
dmx.districtm.io/s/10057/ Frame E390
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://dmx.districtm.io/s/10057/y-GE9rzUpE2uEtnkCnxzUKn0umsheCUL1qa1f4xxw-~A
100 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10057/y-GE9rzUpE2uEtnkCnxzUKn0umsheCUL1qa1f4xxw-~A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9181b1ccb588657e94bde83bbaba1c53fcf04fd83894abcd7d9768a4f84008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 05 Jan 2022 13:22:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6c8d03574d42eaeb-ATL

Redirect headers

location
https://dmx.districtm.io/s/10057/y-GE9rzUpE2uEtnkCnxzUKn0umsheCUL1qa1f4xxw-~A
date
Wed, 05 Jan 2022 13:22:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cta.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/cta.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75e190489d7a48a86fa7bb93f67abedb315d197679154f0ceedfbe21205a964f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 01:30:45 GMT
x-content-type-options
nosniff
age
474676
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1686
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Dec 2022 01:30:45 GMT
usync.html
eus.rubiconproject.com/ Frame 2426
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Jan 2022 13:22:01 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Date
Wed, 05 Jan 2022 13:22:01 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E362
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1641388920935.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
about:blank

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=108629
expires
Thu, 06 Jan 2022 19:32:30 GMT
date
Wed, 05 Jan 2022 13:22:01 GMT
vary
Accept-Encoding

Redirect headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
40000000008200000A
server
33XP003
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
content-length
0
date
Wed, 05 Jan 2022 13:22:01 GMT
match
cms-xch-chicago.33across.com/ Frame 2245
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&google_hm=MjBhNWZiYzUtNzNkZS00NDY3LWIxYTktNmI4YzYyY2Zj...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBjCEV0MIqOAugUWH9nDSao&google_cver=1&ssp=the33across&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
date
Wed, 05 Jan 2022 13:22:01 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame 2245
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1641388920935.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=050e61d5-9b71-4f00-a1bc-dfd497875439
68 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=050e61d5-9b71-4f00-a1bc-dfd497875439
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
MT3 4133 baa842e master iad-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=050e61d5-9b71-4f00-a1bc-dfd497875439
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:22:00 GMT
match
cms-xch-chicago.33across.com/ Frame 2245
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-rfmkxk5E2uFY_jxbD.DvHV7ZPBcjqG.t~A
  • https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-rfmkxk5E2uFY_jxbD.DvHV7ZPBcjqG.t%7EA&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-rfmkxk5E2uFY_jxbD.DvHV7ZPBcjqG.t%7EA&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-rfmkxk5E2uFY_jxbD.DvHV7ZPBcjqG.t%7EA&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 2245
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475321&us_privacy=
  • https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AQEI6an492HHXwJRtiigAQEBAQE&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AQEI6an492HHXwJRtiigAQEBAQE&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AQEI6an492HHXwJRtiigAQEBAQE&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		746 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=adtheorent%2Csimpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9cbedf23789d66226d8fc2f213369162b7b9c142f5a2ed1ae70d631b1a24d1f9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
crum
dsum-sec.casalemedia.com/ Frame DFC1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6285311477415990070
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6285311477415990070
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 582.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c9ba1eb1-8001-40fb-b05f-cffe4e9a61b1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6285311477415990070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DFC1 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DFC1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
date
Wed, 05 Jan 2022 13:22:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame DFC1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdWbcQADT-oI8wAm
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdWbcQADT-oI8wAm
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641388921.420756,VS0,VE0
x-served-by
cache-atl18459-ATL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdWbcQADT-oI8wAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame DFC1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=DUQFlAIXVpAWTQLECEFMkw5BV8UWEFCQDxZhL4VC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=DUQFlAIXVpAWTQLECEFMkw5BV8UWEFCQDxZhL4VC
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=DUQFlAIXVpAWTQLECEFMkw5BV8UWEFCQDxZhL4VC
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DFC1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFt-E7DqzcAABFrhrnOiw&expiration=1642598521
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFt-E7DqzcAABFrhrnOiw&expiration=1642598521
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFt-E7DqzcAABFrhrnOiw&expiration=1642598521
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame DFC1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8664334389647396867&expiration=1642598521
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8664334389647396867&expiration=1642598521
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8664334389647396867&expiration=1642598521
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
us.php
gu.dyntrk.com/adx/ie/ Frame DFC1 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.118.168 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns571817.ip-51-161-118.net
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame DFC1 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YdWbcBgovym-M.HPZmH3eQAA%26946
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1263
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:43:04 GMT
h1.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/h1.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb29605f3f09f44873be5fc98e4e8db3fcf987774164258c3cac3605c4738d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 16:25:17 GMT
x-content-type-options
nosniff
age
334604
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1755
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Jan 2023 16:25:17 GMT
rum
dsum-sec.casalemedia.com/ Frame 52C7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3747225568690969523
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3747225568690969523
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3747225568690969523
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 52C7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=050e61d5-9b71-4f00-a1bc-dfd497875439
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=050e61d5-9b71-4f00-a1bc-dfd497875439
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
MT3 4133 baa842e master iad-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=050e61d5-9b71-4f00-a1bc-dfd497875439
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:22:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 52C7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1D5525D15A044016B14FBC531747C717
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1D5525D15A044016B14FBC531747C717
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

date
Wed, 05 Jan 2022 13:22:01 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1D5525D15A044016B14FBC531747C717
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 04 Jan 2022 13:22:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 52C7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1643980921
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1643980921
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1643980921
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 52C7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6285311477415990070
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6285311477415990070
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 582.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
cdc19103-5eed-4a32-9dd2-0dd25ac585d4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6285311477415990070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 52C7 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum.casalemedia.com/ Frame 52C7
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=fdcd86aa-bad5-8b7a-7bff0e50
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=fdcd86aa-bad5-8b7a-7bff0e50
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

date
Wed, 05 Jan 2022 13:22:01 GMT
server
nginx/1.20.2
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=fdcd86aa-bad5-8b7a-7bff0e50
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
cache-control
max-age=3600
content-type
text/html; charset=utf-8
content-length
119
crum
dsum.casalemedia.com/ Frame 52C7
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=e2cc5e3c-01ae-443c-8ffc-52cb1752ec72
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=e2cc5e3c-01ae-443c-8ffc-52cb1752ec72
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:22:01 GMT

Redirect headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=e2cc5e3c-01ae-443c-8ffc-52cb1752ec72
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 52C7 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YdWbcBgovym-M.HPZmH3eQAA%26946
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1263
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 05 Jan 2022 13:43:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBE7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Wed, 05 Jan 2022 06:25:07 GMT
expires
Thu, 05 Jan 2023 06:25:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 45AB 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
137306918ab40fc8abdd5ee79b370c38f773567fcb3d0b194ca2680d4e66723c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zXr72HATzty99tDG6kffpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 05 Jan 2022 13:22:01 GMT
date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-zXr72HATzty99tDG6kffpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
c21lg-d.media.net/ Frame DD90 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=e02f670a-5e15-4bbf-bffa-03b9b3ec850d&cs=15&vsid=2843905200759387000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 05 Jan 2022 13:22:01 GMT
log
c21lg-d.media.net/ Frame 3A3C 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=e02f670a-5e15-4bbf-bffa-03b9b3ec850d&cs=15&vsid=2843905200759387000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C228%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 05 Jan 2022 13:22:01 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		720 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=simpli.fi%2Cquantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e497b9e7df15c9e78f61051a604657d7d02db1a49ce15aaeb703ddb567d05780

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
h1.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/h1.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb29605f3f09f44873be5fc98e4e8db3fcf987774164258c3cac3605c4738d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 16:25:17 GMT
x-content-type-options
nosniff
age
334604
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1755
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Jan 2023 16:25:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E41 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6JNXd5vVYfSYBMPK_gSb5b7AAwAAAAA4AeAEAg&bg=!HxylHFjNAAZKWFskSlg7ACkAdvg8WsPLPSJQvF6KsagkWmwLH9h993jrPA_U1nevmxLjQ4qFsXKp0gIAAANpUgAAAF1oAQeZAuLFv4H2elqMPJqNX-Dl0fM3bGz6NlEPX1Oawoz3lMwtT2Mykv9HsLNLh6ixXfzvxsZvls1DgBevLJ4DjY4tCGEdjN-2QKdoTxejffx4-dALYus5Z_c0L4ldcSoZmu-9Ve8BOitU-_LSih1o85fW6-f-sInqGFNJlY5pCFDmcIllUlYcQeKvZixcA-wNtAL9Ph_8QYHMWGbOeMqreTmHXYYkqedYwdGg62cUxKt5fuFVrf_CSEGPl4T7qcs_hvI-FWthzen9QOMR1jBzy3p4L51Gmxthwd-R9baktjnreiMXNUEPWpfLyljm45VQBSxNBE19viXIooqMsMu5TYvcBpay3gQOaJvf3iSbaxtZdILCX1XqkDqtF2x27uodhO5hgk9OJXzjEVqXA0BMHDwCLTigXuo_JiP-T_LhJZd9NaLa8uCyOWTxjxErxr3Rv0XqkaqyuWoyXTuAjnPgLolYuDNR4Z64YjSAMCfmQ-t4Y4ol8cDYTreozTSYjVi06WVe7a_nI8nMom_nvkMTsXgE1sK0Mlfn-6vYubKQnAhSAg4fw1s9iV3Xq6OG1Q-Ynv8GcXpvAkflKsuK-fA10uAa2H5JoTBA9le7Jcw4CADAsOBIts6_qs0M6IeOAzUzQjMar-R8LfdhWcqlIVknViUrrC_vYA2K7vtVI32x7sz8qLV_2QbhJ2E5EF3AecpdOJ-IVZxb9tis6yivg4tL9lx52tim5ziVAm1prb1lCLKdP-4VcU-N83iL1UwBtO5kgnbdMM3uOtbTVYobbsc61J4l6OGoI_ByBU9eLxGzBFD-jO6xCF9kqHR78fB_xbBVtoMmdfDGOir5RDIlydjj82OkyumzzTm4tugB5X1h39r6JhJo2uQM1FeY_1KwP9M246RJNfv-Td9yUVI2vxKhMIbiz__-XKy83tKyg1XoGsXkKQsVsCLEH1BT8vYmOrYPPdJMiiW4mCvAhhZ1AR7pZmTexzFvsjM
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h2.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/h2.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f4987d63b8bbfd1e7bd400c584df398776dea01754238286f36d2148b9bf114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 23:29:58 GMT
x-content-type-options
nosniff
age
481923
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2140
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Dec 2022 23:29:58 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		742 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=quantcast%2C4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
6f90dd8deacfbfdc14fe0e04c9c7bcee76bf850a735f6a10cc897415f5d2d8a2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88C6 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bwp7rd5vVYfemBJSQoPwPrrifuA8AAAAAOAHgBAI&bg=!y8ilyIzNAAZKWFskSlg7ACkAdvg8WnX6HzEHzjUe8yaMlfrij4J3v3V0I_xelGAQfAJQL3OaiXlt8QIAAAO-UgAAAGVoAQeZAtsJRVWxp_NYaGIy0bx2yCGNIb2MFKZdAm4SmWa-LMDLSWwt8cb9wPoOjsGySJ1UOydxlO6_9arAGPCJTMv1KrcCza33tU5g3GOQvW-ynn3yY0Ja7Sm28AGlSKWLf5UvlBpkXHTtIdLd8z_ItzyJeaQGiNaTWyWlYzs-vKZBnL2OVJUnvcjns6q6XvJAvpYy8dzmkWkI01PfZMz7AOMS7q7w4OWSW6yc-8tQzz5f2lcsd6VwOJjbTuvYvNYd8v4mSdmrXYg0xjnmEpl8uIwXlU0hXx4MAmaZATav85Mpmftr7Pyq2KSWCEYHolb7ZO3L0SULBXMMzCvIzrKOekrwyuhWWCp-g5Gm5dHB6Tts1Ss8pQrB7TYniAZvVSpl322TVwfAQ4GQUDuTZru88a22Hpg52UdIdMBcxkszj8C8qINEDAXZEX4ySFHiOI8ZlQ4UviUBUiGz2j6gXdkv-RE7S9GD3woI15H_bzJQl8HMgxtlPdB5Y2KMNFBQNa_rFEGS3Sm2HNKncVCg4d-lVFnGN4yan9U5RwNvTIpVh2_nNY_1X_xhedpU2EqyuJ1jdnihWESR9WbCmPKqa0n_4OMvbz4WilphwtleQBr-VpadQe5IDWg5JMxDSpNC1rbG5MzTa0u1zH-mFpb8SSoJYYh-ImhasaqgDNivxnOcFboEsdkbd0gHCMs57Gi2IRsFiWUEO-rqLk4eiCrAU3-JlQ8SDytEzdF-Bo3CqJ56TXvQguQrjHh-1FHNztCY-4mdQXEOG5CIAyHq3gxUEBa7kF_twbL8hiKetI-CwNSunVnHSvpBIFjQ6f8PTFG1SQhcNScg80q7D_OqoZUjJNPMIsgmFLfp7whfwcDsLhwJXxxsC5yVFSUEXMLL_E3zVzDSYGR94j00j34znlk6lOg7iyPaRXoV-IwDeFnMWrzw95D3FBg84Hn4erqQtew7hiF1aGj5kVljC9fYqH_tpHo7AQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2426 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d5de6a492eec0c85725a0fb6a14dfb084d255c5915b03df9360f91d7630f3c1e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 13:22:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81248
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 06 Jan 2022 11:56:09 GMT
h2.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/h2.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f4987d63b8bbfd1e7bd400c584df398776dea01754238286f36d2148b9bf114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 23:29:58 GMT
x-content-type-options
nosniff
age
481923
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2140
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Dec 2022 23:29:58 GMT
h3.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/h3.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98840d0e3b2c403a18446f878eda50d37dfb704a8b2573495b3d84a38365dd6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 15:57:31 GMT
x-content-type-options
nosniff
age
595470
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2363
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 15:57:31 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		806 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=4Info%2Cdeepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e1e4be2d00e62192c9b303b09ed73765284b1f624a60698fa68f303ab038ad4a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 45AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=1834629454140320&rc=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
users
dmx.districtm.io/s/v1/ Frame FCA2 		0
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c8d0359886ceaeb-ATL
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cf-ray
6c8d03590f2a1014-ATL
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
users
dmx.districtm.io/s/v1/ Frame E390 		0
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c8d03598871eaeb-ATL
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cf-ray
6c8d03590f2e1014-ATL
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
syncnoad
partners.tremorhub.com/ Frame 657E 		742 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=deepintent%2Cadvangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
affd98b9378bbe335e9ac74f2feecb47543387ca5dd22944419f96d98e0d9128

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
h3.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/h3.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98840d0e3b2c403a18446f878eda50d37dfb704a8b2573495b3d84a38365dd6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 15:57:31 GMT
x-content-type-options
nosniff
age
595470
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2363
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 15:57:31 GMT
match
cms-xch-chicago.33across.com/ Frame 2426
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KY1KKVGS-1-D52Q
  • https://ssc-cms.33across.com/ps/?xi=1&xu=KY1KKVGS-1-D52Q
  • https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KY1KKVGS-1-D52Q&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KY1KKVGS-1-D52Q&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google, 1.1 google
server
nginx/1.20.1
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
clear
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KY1KKVGS-1-D52Q&ts=1641388921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
logos.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/logos.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
822f5d782144a32ad42a8110cb54db60fb5effc9dbc09b7a1f69f71b8fad9c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 04:53:18 GMT
x-content-type-options
nosniff
age
30523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13247
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 04:53:18 GMT
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame BBE7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 33BB 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_uExd5vVYaGJGpOJoPMPzo-7sA8AAAAAOAHgBAI&bg=!JSalJmLNAAZKWFskSlg7ACkAdvg8WrJf1XMKo3cKXIJPWHimvicqb0PGBfX2RiLLQ9Md_Y_lsSPSJgIAAAKCUgAAABBoAQeZAwjTD73Aso4zfEeYyaBvHqi8CD9um8gVg00PIqXW3oisDGRPgx8b1naCsepFqfg01NRAaskYFg5mXJaNyQEnWzFDs7Zx064Hvqr3cR54GgtKMR1X4lvEj7J3RAKUgijvy8LpqO3ZryzanafoHGll6aV0qqCGCN-K2QbgqKFJ_emUOBBklGw8WTVIh9rcWoD6FxRhl1waJpI93qodf-KwgM_MTP_AT6gcNnWd9Jz-FAvnAcyyt3m6ukE8JHtwP8dKJhmV9GZIRFa8Mhuem-arNo4d5eipkrD-2e5fKygiRekIKt19g-OHr-KuIFNpgFcsT26HWGuLv6dFJ_xHrbfF1LqSFvmKvVhllFEd7KJKdKql5UtQxjPP3XIB_-Q6DNrsDZfUBqjI5JZVZ2w3obXZL2-fjFn1M4v3OKwPSaZ8ktKzMRwA_NB-oZfAimsNt9Kfzij1C5ZY7u1hBd-LrhwQYPu5iducQtcofkmt6qtVF-VSmAKSUfpH6nAOUUC82IjllJ8bUs1AZlfiW_zuPM5_03JD6PmgwuqxTd2ODVcv08ciTeifSb3ND58edlL3UpwXNckgKA9Px6mSk9l0RQXmzTA65jHMxO6boHLebu9txF0uOZ0CrZYDtSBLnUNs1rQudH8oGX3YxJ8xWHhEp7-smpV2KjyOlSDxp16Ax_TDLbtYImDAKK_Juo2VTYDwdh7cee6i-SHAteKZgQOAmK-SD65HTHOPEO09h8niQeLVY8teXCE1xIMRRL4ztDpoyP4PdrWJrr0jC9l5TTX-OVFXYw92MV5jXU9KNMAK_Zn7cBwJHhI4Ls-YCcxg1NfaKKVqYtzfi1-HSOz9l3JVjm65m52Td73RTDRAXuOuHFzwRZoDAo4sJeuA54d6QhEp_n4aaSzk7a7wruIdKHezeO8sU3T3guxgE3u3yLcCdbTcQw9DPElPW5tF2TAmeHLxFUnBUB1lHJKBWrY5TeHpgyd79a5eIFTOtyw5b4wikf8lNxxo1ZSHtqxAdN3lZZQB_6Jl99ua80IEICVF7A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F18A 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqK17d5vVYYKNJaqMoPMP7ficuA0AAAAAOAHgBAI&bg=!-vml-b3NAAZKWFskSlg7ACkAdvg8WifhB1lRoaF5EVEcdHtqyGh2KPTx9N2H6PnaMVpAKKon1QUabgIAAAHkUgAAAA1oAQcKADE_jT4HHSUopc5Eizd74iWQc2VxszKm4NQt4hbUYssEq76AwNRLCggUTD6F_QVoJr8KmQMZYD7njwkJ0ErxeR4Tbhspi7mzVTNg_l9VkGwd942UTFtr-En75JYzRAgcHKPVyag3R12tU7fF0jP4KkJmNoiT3aLk_L8R1H_01ZYGNF0kWdd1kGLfGQZgqeH27izLRWzTbExs3Sq9gQ7hvthxSfX_GQvICH_pqtRiWdSTBkcpBC7_c3ER0CqwO3i7dPHG8EQI2_hgEM08Yen_df9R2I7oZpJKGVTE1Xnq3DhGC1oAVARATnBgR0UP2zvjc0IK877ZDSXwPngAxdEvZVkoEiR-Qs6wUzjhJQhmGC0cJEkmbq4NEOTLv9p2mMeos_Gsrdq-8_itMsdFBJ8fpd0Y5gTkgjpGPWgTVeO2U_Gix36N_FA1-5XqPA0fUG9Rx-YUc1bwjYNcvt7VTN_HWGjdKHPFoni7-c3g7W0Q5tGivXmQ7wBAVSZMRnm62h60nXT8FkB82GOY9bZaSCS7Csl89GE6hQnXCblbKbjG-6SZi7fkWORvLTdGlhNaqvFVQ_rNjxPW7U5Eu_YGq7RGjGrBwl_AoZNesHnjG53Dqy1_e3NhUfQM_jg3T_cm0kvt0xTTXuyR5kYU8vwO3r4BsXF9wrBCSnhT33GB_Pkv2FRRHZCV5qfJ5XdOJXs2Wipid9YIfqRZluP3EzIV_MdFY3wLXY4ZE6QNsz699dxQDIto5KtVGmMWAvbHJ6dBDwk9KhUe0XCDa-ZVAv23A_C5WOkfQ6RvyIxBjyaXRQo2Yn4gh00yRFjyFGP_bWwBmosmw0drM-SCgEirQJA2k9sZjgwwG1u7HuHES9wizckVt-vapLr5tIz02JOvfFH16fFU_wyuHTwHouE1gO7Cn8YkDUXKscelw0Ijo9ZrU0Z0AGRBwAcpUF6DfhjPmX2SUOh_Ijx8lFFXq6spdkZPWag651pLaT0uF103_WRHLUax3Rd5pqHvz18TV_LLbX_JYtHCEMizgKR0IIk72rjuSZ_uFXJ3fORCBd5O_n8SDm_dygFT0iFxpXrU6Wa1pOvpekriEhQ0FbTg69KqQbJwPu9e9X-Vl_TL7dJJ_bgLjgR28w
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		777 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=advangelists%2Cmartinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
50c90149928ce4bdd9ad3f9772dde8230beac526f594525d3ccccce3dc765dc7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
logos.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/logos.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
822f5d782144a32ad42a8110cb54db60fb5effc9dbc09b7a1f69f71b8fad9c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 04:53:18 GMT
x-content-type-options
nosniff
age
30523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13247
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 04:53:18 GMT
tape1.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/tape1.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b1ec375703b8320e5f342744bce5f995c4ad351df294a5009f0ed5ec7e7619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 16:22:45 GMT
x-content-type-options
nosniff
age
593956
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16534
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 16:22:45 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		708 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=martinai%2Czypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
69d4ae0c662947222fdd776ff92af956dab993da28f129f7d9cbf039eb489b9a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
tape1.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/tape1.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b1ec375703b8320e5f342744bce5f995c4ad351df294a5009f0ed5ec7e7619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 16:22:45 GMT
x-content-type-options
nosniff
age
593956
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16534
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 16:22:45 GMT
tape2.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/tape2.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f041c018d27c3512844e9cdb19f40cb262e13ac1cd587e3a53dac6ca7b696bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 01:32:11 GMT
x-content-type-options
nosniff
age
474590
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17038
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Dec 2022 01:32:11 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		652 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=zypmedia%2Cacuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d2d034edf69a74c7c538496dd8054a207852072a4e7db3efda08da614ca965b4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
tape2.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/tape2.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f041c018d27c3512844e9cdb19f40cb262e13ac1cd587e3a53dac6ca7b696bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 01:32:11 GMT
x-content-type-options
nosniff
age
474590
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17038
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Dec 2022 01:32:11 GMT
tear.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame D676 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/tear.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923c37d8d88e7379aab644697c1f53a86f78fb59f6c527beade7ed81edfa992e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:49:38 GMT
x-content-type-options
nosniff
age
138743
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29186
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Jan 2023 22:49:38 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		690 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=acuityads%2C_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8c2a1834ee0a07c71a2c9cfce0b5516eade86be0cd45607fb83c86527633f706

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 4B2E 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
users
dmx.districtm.io/s/v1/ Frame FCA2 		0
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c8d035a5993eaeb-ATL
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cf-ray
6c8d0359f8b71014-ATL
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
users
dmx.districtm.io/s/v1/ Frame E390 		0
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6c8d035a598feaeb-ATL
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
cf-ray
6c8d0359f8ba1014-ATL
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
syncnoad
partners.tremorhub.com/ Frame 657E 		701 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=_google_dfp%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
45affe414a0fe5bb74ec292f80299627757f7de9ffe35d1c2aa42fb14ab18689

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
container-1.0.html
resources.infolinks.com/static/ Frame E02E 		430 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-1.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1771.005-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-type
text/html; charset=UTF-8
last-modified
Wed, 17 Nov 2021 13:25:02 GMT
cache-control
max-age=2592000
expires
Fri, 04 Feb 2022 10:00:50 GMT
via
1.1 google
cf-cache-status
HIT
age
12071
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6c8d035a18218d79-ATL
content-encoding
gzip
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0920899300397823&plah=www.bleepingcomputer.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01422988e80c648184ee30a4b56757b9ca586b99ac8e4014bff80066c7f6e4c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8722
x-xss-protection
0
rum
www.bleepingcomputer.com/cdn-cgi/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6c8d035a3a5d8d5a-ATL
vary
Origin
rum
www.bleepingcomputer.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6c8d035a8af78d5a-ATL
vary
Origin
tear.png
s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/ Frame 15C9 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/images/tear.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923c37d8d88e7379aab644697c1f53a86f78fb59f6c527beade7ed81edfa992e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6210601919916397830/adc_RET_makemoney_728x90_HTML5/adc_RET_makemoney_728x90_HTML5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:49:38 GMT
x-content-type-options
nosniff
age
138743
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29186
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 18:12:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Jan 2023 22:49:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A103 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=1834629454140320&bg=!c3ClcDTNAAZKWFskSlg7ACkAdvg8WpQhy9Iv8n1B0x7bPfmdKYIUEytQF_Znv_lC4OVzDZzQ_nUMtwIAAACDUgAAAAxoAQeZAugZsyA0xMP3sFuwh7t0DOXOa103haR4Vbyj_iWnRS8BMZ6w-B7QmRVc-5aIML-ujXT05cAWDPOwFIKWwHCQPjW6G69N75Pb1yox2PQydWyyDf3WYlFoZkLeWkJGITJADHw87_O6Zo_IlparaGTNQ8wHnqGP0_nDbcpaRJIsThWT12Elm8acFUxZs2XGxGZlecmZ-MuRnGPgs55wgCdypjpjLJOHu5ucIl5RQ_aPINt7FdjiS49UB92V2fKjoCEeZoKmB8ffmX65hMr_2zfUfoj7W6KsNgGYoW6urDVA-ypq6Ytn7mfxp_b8dzq0Z2-1G8Xsh5d5OYe6kubMLKs9qQJnfysPETYHZRwHYMAvln2F_dtZi-ZabXGJrBbC9_PQhtl_yJ-6fjrLD_iurVdgsXabXJ7js8tYwgqpp6_b1NOZUaeMTJEwaF3MREPTXKQoA33uOuhsoyiOvD8Xf2z2YiNfNcWPth25qY4PV1Itb1wcxt2Y719lePcNOgIXFbjGkW9p3uFpR4AnjO1WYKR3JY-eBuXpK27SFq3D1C_A5whrP6thkuHm8vugEYw2AfcWNySMvHNweuUHA6Blfm0uVqe-eVIGkPas5090JZlJYaDgkdDvIOXH0CgiFtkxviJND8xDT9FRMR8lD9gPgudO55eAtBPimWuwm9xnxy0B1RqRqKmPC8iwOQLdCoh4hEL35ez6xRYi52KADv55ICflH53Rfg4nLOevYI0MPs6S4SseClZBQiAIRadoW6vKndCuH-4VuN6x6nLDT3uvrD-E3wZK-rzxfz95ftQzq2ztQSGwScYBdWjIjs86pkLn9_PJAR6ytxEedv4qzCTfoqgS-qrX8UdamHUPdgKcg1dY6SVhVzDJmwijQo-rKMt8QA1gMrT7yatNbfZZgI84bz4hDYzKLjn0Msfu2DyYGffr4nwbniFGdyQ1JkN-Kjx3DD6ugBivAFrSKY2djJtUuFpirpq3QpzEV4j_qJU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
syncnoad
partners.tremorhub.com/ Frame 657E 		671 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8ce7b197b18381a99ebc30e734f7f80f0a3f652e9db8305fd25ae878d4a5e76e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
async_usersync
ib.adnxs.com/ Frame D47E 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6c9d9a2f-a64b-42c1-89fc-372f72178598
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:22:02 GMT
async_usersync
ib.adnxs.com/ Frame 0FD4 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b920069d-c5ca-45e3-8cf0-57755983ad05
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		633 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d785c2e687ac3effe87f49b4c9ce112eaab66198f4a655765b91025050fd76b8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		634 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9c074099e09f8693abcd0958779718834c8c65abd625347898483817ca50ee25

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
receive
pixel.tapad.com/idsync/ex/ Frame E02E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=4075b9d3-bb68-4d1f-974a-2ce0b10f4046=&partner_id=3337
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd7b7191d-d622-41e5-95b6-2af052de3db6%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6285311477415990070&pt=d7b7191d-d622-41e5-95b6-2af052de3db6%2C
95 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6285311477415990070&pt=d7b7191d-d622-41e5-95b6-2af052de3db6%2C
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 582.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b025989c-2b2e-4f91-8ac9-b44c0463588e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=6285311477415990070&pt=d7b7191d-d622-41e5-95b6-2af052de3db6%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3AE9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Wed, 05 Jan 2022 06:25:07 GMT
expires
Thu, 05 Jan 2023 06:25:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25015
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A90C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0fbae20eb8bce8f39c62514b485b8ac2a3aca61a69111823f2fd88f2acb756e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5wMNSO8jLOffMIoCUOnL0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 05 Jan 2022 13:22:02 GMT
date
Wed, 05 Jan 2022 13:22:02 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5wMNSO8jLOffMIoCUOnL0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
syncnoad
partners.tremorhub.com/ Frame 657E 		589 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
2cf84d940bf607324a6ed47e00c244a28a943e7a15c059ce762080fba1b73596

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame 3AE9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 06:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
25016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:06 GMT
syncnoad
partners.tremorhub.com/ Frame 657E 		602 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0e978b16b20e010d322bace3a6931c000607a4a3689f6d48dce3abd5155ff57f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame A90C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=370256857010727&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
syncnoad
partners.tremorhub.com/ Frame 657E 		118 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=1a655161f99844eca4a4b1f28b54f206&p=*&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://retargeting.bksn.se/webr?URL=telariaweb&red_exchange=63&teluid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIBU=W021641388922S17673G9319
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIBU=W021641388922S17673G9319
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Date
Wed, 05 Jan 2022 13:22:02 GMT
Server
nginx/1.10.1
Location
https://partners.tremorhub.com/sync?UIBU=W021641388922S17673G9319
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
2
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=7115&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIRF=978477403571465463&r=sfyzNJOdVnzz
43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=978477403571465463&r=sfyzNJOdVnzz
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Location
https://partners.tremorhub.com/sync?UIRF=978477403571465463&r=sfyzNJOdVnzz
Date
Wed, 05 Jan 2022 13:22:02 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 657E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_hm=ZGIyMDVjZmIwM2MwNDY4Nzg0MDdjZDMzZTdlNjQ1ZGQ%3D&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://tremor-match.dotomi.com/match/bounce/current?networkId=1103&version=1&nuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIDT=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475322&nuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206
43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIDT=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475322&nuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://partners.tremorhub.com/sync?UIDT=AQEI6an492HHXwJRtiigAQEBAQE&expiration=1641475322&nuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/P2n85yff?redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITM%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UITM=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&rid=1a655161f99844eca4a4b1f28b54f206&
43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UITM=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641388922.286024,VS0,VE0
x-served-by
cache-atl18459-ATL
x-cache
HIT
location
https://partners.tremorhub.com/sync?UITM=YdWbcQADT-oI8wAm&gdpr=0&gdpr_consent=&rid=1a655161f99844eca4a4b1f28b54f206&
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
amobee-partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=40&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://amobee-partners.tremorhub.com/sync?UITN=3747225568690969523&gdpr=0&gdpr_consent=
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amobee-partners.tremorhub.com/sync?UITN=3747225568690969523&gdpr=0&gdpr_consent=
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://amobee-partners.tremorhub.com/sync?UITN=3747225568690969523&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 05 Jan 2022 13:22:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://i.w55c.net/ping_match.gif?st=TREMOR&rurl=https://partners.tremorhub.com/sync?UIDX=_wfivefivec_&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIDX=GI2D34ul1N56eJ5&rid=1a655161f99844eca4a4b1f28b54f206&
43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIDX=GI2D34ul1N56eJ5&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:01 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-051585acc4d9c1c60@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://partners.tremorhub.com/sync?UIDX=GI2D34ul1N56eJ5&rid=1a655161f99844eca4a4b1f28b54f206&
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://dt.videohub.tv/ssframework/cookieSync.htm?UITR=db205cfb03c046878407cd33e7e645dd&url=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITR%3D%255Buser_id%255D&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Location
https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Date
Wed, 05 Jan 2022 13:22:02 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
p
sb.scorecardresearch.com/ Frame 657E
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=595&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=595&rid=1a655161f99844eca4a4b1f28b54f206&&s_h=1
  • https://partners.tremorhub.com/sync?UIVO=dd9b43af-f1ad-488c-8608-f9da8c742205&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D596
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=596
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=dd9b43af-f1ad-488c-8608-f9da8c742205&rn=TIMESTAMP
64 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=dd9b43af-f1ad-488c-8608-f9da8c742205&rn=TIMESTAMP
Protocol
H2
Server
13.225.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-24.ewr50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 f1742871ff3f5482a0c79a4d483d78a9.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
GhIeGrhlB2lMPzUaf0u2KP5YKehJM7hRh2Dni7A34bpMN_9U1cN-Og==

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
location
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=dd9b43af-f1ad-488c-8608-f9da8c742205&rn=TIMESTAMP
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tremor&ttd_tpi=1&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UITD=1a63fcc3-1a56-4f35-8bf5-da845493f467
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UITD=1a63fcc3-1a56-4f35-8bf5-da845493f467
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://partners.tremorhub.com/sync?UITD=1a63fcc3-1a56-4f35-8bf5-da845493f467
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
185
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://partners.tremorhub.com/sync?UIAN=$UID&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIAN=6285311477415990070&rid=1a655161f99844eca4a4b1f28b54f206&
43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAN=6285311477415990070&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
dd766a71-ee0f-4e45-8b2c-76f4401fdd22
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://partners.tremorhub.com/sync?UIAN=6285311477415990070&rid=1a655161f99844eca4a4b1f28b54f206&
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=77&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
odr.mookie1.com/t/v2/ Frame 657E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=tremor&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&ssp=tremor&gdpr=&gdpr_consent=
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&ssp=tremor&gdpr=&gdpr_consent=
Protocol
H2
Server
35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.90.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&ssp=tremor&gdpr=&gdpr_consent=
Date
Wed, 05 Jan 2022 13:22:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://vop.sundaysky.com/sync/tremor-adx/?rid=1a655161f99844eca4a4b1f28b54f206&
  • https://vop.sundaysky.com/sync/tremor-adx/?rid=1a655161f99844eca4a4b1f28b54f206&&_cvt=t
  • https://partners.tremorhub.com/sync?UISS=d6.4f465466129a4da8a25924fdcf457aa9
43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UISS=d6.4f465466129a4da8a25924fdcf457aa9
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UISS=d6.4f465466129a4da8a25924fdcf457aa9
date
Wed, 05 Jan 2022 13:22:02 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-length
0
x-xss-protection
1; mode=block
us.php
gu.dyntrk.com/adx/tv/ Frame 657E 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/tv/us.php?dynk=tr1m3rvid38&tvuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.118.168 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns571817.ip-51-161-118.net
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=59&redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIMM%3D%255Bmm_uuid%255D&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Date
Wed, 05 Jan 2022 13:22:02 GMT
Server
MT3 4133 baa842e master iad-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:22:01 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://match.adsby.bidtheatre.com/tremormatch?rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIBT=80c83626-daad-40d9-b18c-a4b2cb54ed73
43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIBT=80c83626-daad-40d9-b18c-a4b2cb54ed73
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Location
https://partners.tremorhub.com/sync?UIBT=80c83626-daad-40d9-b18c-a4b2cb54ed73
Date
Wed, 05 Jan 2022 13:22:02 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/tm?tvuid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIBW=AAFt-E7DqzcAABFrhrnOiw
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIBW=AAFt-E7DqzcAABFrhrnOiw
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UIBW=AAFt-E7DqzcAABFrhrnOiw
Date
Wed, 05 Jan 2022 13:22:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2064&partner_device_id=db205cfb03c046878407cd33e7e645dd&partner_url=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITA%3D%24%7BTA_DEVICE_ID%7D&r...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=d7b7191d-d622-41e5-95b6-2af052de3db6&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=d7b7191d-d622-41e5-95b6-2af052de3db6&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=80022630658207436371020313280275282979&pt=d7b7191d-d622-41e5-95b6-2af052de3db6%2Chttps%3A%2F%2Fpartners.tremorhub.com%2Fsy...
  • https://partners.tremorhub.com/sync?UITA=d7b7191d-d622-41e5-95b6-2af052de3db6
43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UITA=d7b7191d-d622-41e5-95b6-2af052de3db6
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UITA=d7b7191d-d622-41e5-95b6-2af052de3db6
date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=tremor&AG_SETCOOKIE&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIAG=72db71b4-6e2a-11ec-b017-01e8582d969d
43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAG=72db71b4-6e2a-11ec-b017-01e8582d969d
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
server
Cowboy
Location
https://partners.tremorhub.com/sync?UIAG=72db71b4-6e2a-11ec-b017-01e8582d969d
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
sjc-delivery-2
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560711&ev=1&rurl=https://partners.tremorhub.com/sync?UIPP=%25%25VGUID%25%25&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIPP=71tFyAgxDfjK&ev=1&pid=560711&rid=1a655161f99844eca4a4b1f28b54f206
43 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIPP=71tFyAgxDfjK&ev=1&pid=560711&rid=1a655161f99844eca4a4b1f28b54f206
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://partners.tremorhub.com/sync?UIPP=71tFyAgxDfjK&ev=1&pid=560711&rid=1a655161f99844eca4a4b1f28b54f206
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-685df6f7b9-7vnms
expires
-1
sync
brightroll-partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/tremor/db205cfb03c046878407cd33e7e645dd?rid=1a655161f99844eca4a4b1f28b54f206&
  • https://brightroll-partners.tremorhub.com/sync?UIBL=y-obDuyNdE2oQMLeLk2WJBjGlza8tlvekNhxU0~A
43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brightroll-partners.tremorhub.com/sync?UIBL=y-obDuyNdE2oQMLeLk2WJBjGlza8tlvekNhxU0~A
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Wed, 05 Jan 2022 13:22:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://brightroll-partners.tremorhub.com/sync?UIBL=y-obDuyNdE2oQMLeLk2WJBjGlza8tlvekNhxU0~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
sync.bfmio.com/ Frame 657E
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=128&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=1a63fcc3-1a56-4f35-8bf5-da845493f467
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=1a63fcc3-1a56-4f35-8bf5-da845493f467
Protocol
HTTP/1.1
Server
35.173.82.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-82-50.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 13:22:02 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=1a63fcc3-1a56-4f35-8bf5-da845493f467
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185449&cb=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIIE%3D__UID__&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIIE=YdWbcBgovym-M.HPZmH3eQAA%26946
43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIIE=YdWbcBgovym-M.HPZmH3eQAA%26946
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://partners.tremorhub.com/sync?UIIE=YdWbcBgovym-M.HPZmH3eQAA%26946
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
255
Expires
Wed, 05 Jan 2022 13:22:02 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://sync.1rx.io/usersync2/tremor?rid=1a655161f99844eca4a4b1f28b54f206&
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005&rndcb=4537854866
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_pa...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e5134c6aa1984914bc5ed8c0b8f61662&ssp=adconductor&bsw_param=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&gdpr=&consent=&gdpr_pd=&expires=7
  • https://sync.1rx.io/usersync/bidswitch/20a5fbc5-73de-4467-b1a9-6b8c62cfc742?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005?redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIRO%3DRX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
  • https://partners.tremorhub.com/sync?UIRO=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRO=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Date
Wed, 05 Jan 2022 13:22:02 GMT
Server
Tengine
ETag
RX7dee9e15f789480db5b70485aa3d433e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://partners.tremorhub.com/sync?UIRO=RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
Connection
keep-alive
Content-Type
text/html
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1255&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIAF=8664334389647396867
43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAF=8664334389647396867
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
server
nginx
location
https://partners.tremorhub.com/sync?UIAF=8664334389647396867
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
telaria
tr.blismedia.com/v1/api/sync/ Frame 657E 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/telaria?rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 google
alt-svc
clear
tl
x.mdhv.io/ Frame 657E 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.mdhv.io/tl?db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 google
cache-control
no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-type
image/gif
content-length
0
expires
-1
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://cookie.brealtime.com/getuid?https://partners.tremorhub.com/sync?UIEM=$UID&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://secure.adnxs.com/getuid?https://partners.tremorhub.com/sync?UIEM=$UID&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIEM=6285311477415990070&rid=1a655161f99844eca4a4b1f28b54f206&
43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIEM=6285311477415990070&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 582.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
928f1b6a-a5ee-4b5b-8764-20611f4efc10
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://partners.tremorhub.com/sync?UIEM=6285311477415990070&rid=1a655161f99844eca4a4b1f28b54f206&
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b29&u=db205cfb03c046878407cd33e7e645dd&redirect=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIEX%3D%24TF_USER_ID_ENC%24&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIEX=18072662315408922977
43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIEX=18072662315408922977
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
8553
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c8d035c4e1563c3-ATL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://partners.tremorhub.com/sync?UIEX=18072662315408922977
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://partners.tremorhub.com/sync?UIAL=%24%7BADELPHIC_CUID%7D&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIAL=72e5d80a-6e2a-11ec-9c3a-99462fc17f30&rid=1a655161f99844eca4a4b1f28b54f206&
43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAL=72e5d80a-6e2a-11ec-9c3a-99462fc17f30&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Location
https://partners.tremorhub.com/sync?UIAL=72e5d80a-6e2a-11ec-9c3a-99462fc17f30&rid=1a655161f99844eca4a4b1f28b54f206&
Date
Wed, 05 Jan 2022 13:22:02 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
7832f54a-6e2a-11ec-b373-216702a4ec2c
CookieSyncTelaria
rtb.adentifi.com/ Frame 657E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTelaria?rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.169.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-169-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://um.simpli.fi/telaria?rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UISF=1D5525D15A044016B14FBC531747C717
43 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UISF=1D5525D15A044016B14FBC531747C717
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Wed, 05 Jan 2022 13:22:02 GMT
x-content-type-options
nosniff
server
nginx
location
https://partners.tremorhub.com/sync?UISF=1D5525D15A044016B14FBC531747C717
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 04 Jan 2022 13:22:02 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-twkF4WP-Na6M_.gif?idmatch=0&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?gdpr=0&UIQC=EI4Ekx_dV5cLhwPDFYtNlBOLVsIL2lGXEtzve1tT
43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?gdpr=0&UIQC=EI4Ekx_dV5cLhwPDFYtNlBOLVsIL2lGXEtzve1tT
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://partners.tremorhub.com/sync?gdpr=0&UIQC=EI4Ekx_dV5cLhwPDFYtNlBOLVsIL2lGXEtzve1tT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://telaria.adhaven.com/bid-engine/cs/b0220446f5947deaf1c7123bf551084d/v1?rd=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUI4N%3D%24UID&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UI4N=4c_e5406964-a297-4d08-8e2c-c994aab88b46
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UI4N=4c_e5406964-a297-4d08-8e2c-c994aab88b46
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UI4N=4c_e5406964-a297-4d08-8e2c-c994aab88b46
date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
clear
content-length
0
store
match.deepintent.com/usersync/128/ Frame 657E 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/128/store?id=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=203&redirect=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIAD%3D&7BPARTNER_VISITOR_ID%7D&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIAD=
43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAD=
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UIAD=
date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
content-length
0
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://ad.mrtnsvr.com/sync/telaria?teluid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=MfRdyeb4M?https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=MfRdyeb4M&partner_url=https://partners.tremorhub.com/sync?UI...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=MfRdyeb4M&partner_url=https://partners.tremorhub.com/sync?UIAI=MfRdyeb4M
  • https://partners.tremorhub.com/sync?UIAI=MfRdyeb4M
43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAI=MfRdyeb4M
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UIAI=MfRdyeb4M
date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://sync.extend.tv/telaria?rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIZM=7e6e6167-37c2-40ae-a7d9-d64edf2b6875
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIZM=7e6e6167-37c2-40ae-a7d9-d64edf2b6875
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://partners.tremorhub.com/sync?UIZM=7e6e6167-37c2-40ae-a7d9-d64edf2b6875
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
100
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://ums.acuityplatform.com/tum?tpid=314&uid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://partners.tremorhub.com/sync?UIAA=637414288351
43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAA=637414288351
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://partners.tremorhub.com/sync?UIAA=637414288351
sync
google.partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=MnlCYy13UEFSb2VFQjgwejUtWkYzUT09&google_cm&rid=1a655161f99844eca4a4b1f28b54f206&
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEHkyzJ9zFxrNr1kYOAFVjOI&rid=1a655161f99844eca4a4b1f28b54f206&google_cver=1
43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://google.partners.tremorhub.com/sync?UIDF=CAESEHkyzJ9zFxrNr1kYOAFVjOI&rid=1a655161f99844eca4a4b1f28b54f206&google_cver=1
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://google.partners.tremorhub.com/sync?UIDF=CAESEHkyzJ9zFxrNr1kYOAFVjOI&rid=1a655161f99844eca4a4b1f28b54f206&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
331
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
odr.mookie1.com/t/ Frame 657E 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_47358&src.visitorid=db205cfb03c046878407cd33e7e645dd&rid=1a655161f99844eca4a4b1f28b54f206&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.90.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 657E 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=tremor_ssp&partner_uid=db205cfb03c046878407cd33e7e645dd&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1641388922
x-served-by
beacon-n010-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
demconf.jpg
dpm.demdex.net/ Frame 657E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd?rid=1a655161f99844eca4a4b1f28b54f206&
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd
Protocol
HTTP/1.1
Server
34.217.165.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-165-61.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v023-0d1173e0e.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3qE9xwapQLg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v023-024991644.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
VB+3szH9TGE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tpid=db205cfb03c046878407cd33e7e645dd
sync.crwdcntrl.net/map/c=12707/tp=TLRA/ Frame 657E 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=12707/tp=TLRA/tpid=db205cfb03c046878407cd33e7e645dd?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.153.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-153-177.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.190
content-type
image/gif
content-length
49
expires
0
/
sync.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 657E 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/telaria-rtb-network/1/rtb-h/?taboola_hm=db205cfb03c046878407cd33e7e645dd&orig=video&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22545
gen_204
pagead2.googlesyndication.com/pagead/ 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=370256857010727&bg=!V1SlVBDNAAZKWFskSlg7ACkAdvg8WiUSFEQfZu7WsGx7RYkJEpz_Peq_OV3SCy6g555FJn6FbHe6YAIAAAB6UgAAAAtoAQeZAraAXbjzG_vWYrIa5suFjipVMCydnqHov7xzVUMhKCLGKFHBwvaYqi_mhJ4-tEFAOry1K_Xnx1m8lr5dWMmB49_wsaq3qZ-vOtorh3YTcsQs-jecq-f057egLYZ1bD8rF1zwUnTD25f6tGTZ2YTSJ0XkpsGuoJCW8G1qhnaUjMpKMf2zvYLyI1ZkfZwnfuKzRYnZkyn-pwf5nIXj7lrOE7C0IfmMlrk4qNP5eMX2utAUoz2H01WNepqFC77UUCpdg30jrBmAnvjLxVqcCVIJlX0bPTYrp37uiLs5GxhnIjuytkd15_Rt6Ydmf24qF4jtG_9aWW1_wRGt0sYiRmcIqn4qSe_kSzHiRzcbcHTNKKisN_B7mpBH9wxuXegBEYWb1yGmwB0bIqcqWbTUKNXqwGfa6rgyyyDpro_2WU7Qbd5VZ4ItmUDSR6zrFWJ24gvfbDxA0t8SbDZKRPYnHiwuku9Gl7uCaGz2nCgy66P_pFYfq_XzSzNJ2-phwxNrx98ZE9V9WA22DY9vmuTXx77Zr-WLgw5NIsTpw1-mtJ0FpiVs6zB0gsaaVx6ti77xU05mtP7ZNBAqWHMbZ09hnXABjkfxb-nyqtg9ooBcTs43bnAj97NqnOeCxm2ZC12cPn-tmHmMvxineTCGpSh9EbtYFw80DCqXBNQVZUBdNDb979fCyid8d16YZtDrZv_eyqEyX11rWKvz0BJD4gVJXYcJl58piWz_cagfHmWLNn0tg7kzTXoE3pU9nyN08TusCFrfRXlV1SMg2ucY2tM6tF22MkO7q5JC2EUTrExszbXjzDAVrwyo_UENGeeQ_rE9ZJJq1h468QJYhVUsTL4c0I-w_0xVaNmY888P4hpvr5T_RrOqtf34lAORWO6M5oYWMwa9nShXrijOQUXpTrL6yKxdFrNgVxAIcPt2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-nyc.doubleverify.com/ Frame B6F9 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=55480ad5fbe44ebb8993fdbc65c3666f&gdpr=&gdpr_consent=&vdur=360&eoid=9&msrjs=1971&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0511&dvp_acibv=&bsigr=34359738497&sdf=2&vit=2&isvelg=1&tltms=49&tetms=10&msltms=99&vltms=360&sei=290&vetms=201&engms=1&engisel=1&ttfurm=2590&cbust=1641388922559559
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1971.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:46 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
01/04/2022 13:22:02
event.png
tpsc-nyc.doubleverify.com/ Frame D337 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=b4f5bd9f02d6440b8293548183b5c323&gdpr=&gdpr_consent=&vdur=272&eoid=9&msrjs=1971&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0511&dvp_acibv=&bsigr=34359738497&sdf=2&vit=2&isvelg=1&tltms=50&tetms=12&msltms=125&vltms=272&sei=290&vetms=194&engms=1&engisel=1&ttfurm=2472&cbust=1641388922567590
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1971.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:02 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
01/04/2022 13:22:02
PugMaster
image6.pubmatic.com/AdServer/ Frame 8E3F 		47 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87007211&p=156696&s=269885&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
event.png
tpsc-nyc.doubleverify.com/ Frame 3A36 		0
281 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=c655880c412e48e68fede7125da147f4&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=54&eoid=9&msrjs=1971&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0511&dvp_acibv=&bsigr=128&sdf=2&vit=2&isvelg=1&tltms=51&tetms=11&msltms=75&vltms=54&sei=290&vetms=235&engms=1&engisel=1&ttfurm=2293&cbust=1641388922739578
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1971.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:30 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
01/04/2022 13:22:02
integrator.js
adservice.google.com/adsid/ Frame 657E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
abt
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:22:01 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
ads
pubads.g.doubleclick.net/gampad/ Frame 973E 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_18&description_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4330113453380766&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=2779254812&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=42E53C53-B51F-48B1-947F-D8FC20DAF166&nel=1&eid=44750604%2C44750823%2C44752657&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&loc=about%3Ablank&dlt=1641388911787&idt=2681&dt=1641388922794&cookie=ID%3D943cf567a505fdc5%3AT%3D1641388912%3AS%3DALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg&scor=750740114296130&ged=ve4_td11_tt9_pd11_la11000_er1621.479.1780.785_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
media
direct.ad.cpe.dotomi.com/cvx/client/direct/ Frame 657E 		68 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/cvx/client/direct/media?sid=210064&placement_id=6b95896&vpaid=2&m=11&mdf=mp4&vastver=2
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:ae80:1451:17::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:02 GMT
server
nginx
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
integrator.js
adservice.google.com/adsid/ Frame 657E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame E4A5 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_10&description_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=681068110677249&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3102474806&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=E4D6D6A9-1337-4780-A2C6-CD878C04817B&nel=1&eid=44750604&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&loc=about%3Ablank&dlt=1641388911787&idt=2510&dt=1641388923522&cookie=ID%3D943cf567a505fdc5%3AT%3D1641388912%3AS%3DALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg&scor=2020990214541353&ged=ve4_td12_tt10_pd12_la12000_er1621.479.1780.785_vi0.0.1200.1600_vp0_ts9_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-nyc.doubleverify.com/ Frame B6F9 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=55480ad5fbe44ebb8993fdbc65c3666f&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=4&eoid=12&ismms=79&isumms=79&isvelg=1&nvr=2&elmtp=1&isbxdms=2680&b0=2888&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2888&sftb=2888&msrdp=2&naral=642&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=77&dvp_hdnAd=0&dvp_dpr=1&cbust=1641388923558267
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1971.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:03 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
01/04/2022 13:22:03
event.png
tpsc-nyc.doubleverify.com/ Frame D337 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=b4f5bd9f02d6440b8293548183b5c323&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=4&eoid=12&ismms=21&isumms=21&isvelg=1&nvr=2&elmtp=1&isbxdms=2522&b0=2761&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2761&sftb=2761&msrdp=2&naral=642&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=20&dvp_hdnAd=0&dvp_dpr=1&cbust=1641388923567206
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1971.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:47 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
01/04/2022 13:22:03
g
capi.connatix.com/rtb/ Frame 657E 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
963431a56e56cfed976886eba37c3a36ce09dc3a8b4833f13fc58ef945f682a5

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:22:03 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
1210
event.png
tpsc-nyc.doubleverify.com/ Frame 3A36 		0
281 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=c655880c412e48e68fede7125da147f4&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=12&ismms=22&isumms=22&isvelg=1&nvr=2&elmtp=1&isbxdms=2322&b0=2592&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&lftb=2592&sftb=2592&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=21&dvp_dpr=1&cbust=1641388923738797
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1971.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.75 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb105.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
Pragma
no-cache
Date
Wed, 05 Jan 2022 13:21:31 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
01/04/2022 13:22:03
media
direct.ad.cpe.dotomi.com/cvx/client/direct/ Frame 657E 		68 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/cvx/client/direct/media?sid=210062&placement_id=a505873&vpaid=2&m=11&mdf=mp4&vastver=2
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:ae80:1451:17::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:04 GMT
server
nginx
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
pixel
cm.g.doubleclick.net/ Frame 657E
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-de...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjcwOGQxZWItMzNkZC0yZWY3LWY2NGItZmMzNjE1OWE3NTQ5&gdpr=0&gdpr_consent=undefined
0
0
av
connatix-d.openx.net/v/1.0/ Frame 657E
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-de...
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-n...
48 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&cb=e21167e6-069a-4997-bfec-bd416e7108a9&vwd=834&vht=469&gdpr=0&gdpr_consent=undefined&us_privacy=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 05 Jan 2022 13:22:04 GMT
via
1.1 google
server
OXGW/17.0.0
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&cb=e21167e6-069a-4997-bfec-bd416e7108a9&vwd=834&vht=469&gdpr=0&gdpr_consent=undefined&us_privacy=
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
media
direct.ad.cpe.dotomi.com/cvx/client/direct/ Frame 657E 		68 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/cvx/client/direct/media?sid=210060&placement_id=951c4b8&vpaid=2&m=11&mdf=mp4&vastver=2
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:ae80:1451:17::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:04 GMT
server
nginx
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
tag
slckg-2p3vy.ads.tremorhub.com/ad/ Frame 657E 		780 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://slckg-2p3vy.ads.tremorhub.com/ad/tag?adCode=slckg-tdx6n&playerWidth=834&playerHeight=469&playerPosition=1&mediaTitle=%5Bvideo_title%5D&mediaDesc=%5Bvideo_description%5D&mediaId=%5Bvideo_id%5D&mediaUrl=%5Bvideo_url%5D&srcPageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&contentLength=%5Bvideo_duration%5D&gdpr=0&gdpr_consent=undefined&schain=1.0,1!connatix.com,102734,1,,,,&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:5d9:11f2:8a3:eea6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f415c607a8148698844b24089b2dc2e8ccf73f4724d07f459a1689b9a84d0dc6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		835 B
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=advangelists%2C_dmp_krux%2Cadtheorent%2C_dmp_lotame%2Cmediamath%2CBidswitch%2Cdynadmic%2C_supply_taboola%2Cmadhive%2C_dmp_adobe%2Ctremornet%2Cbeachfront%2Cdeepintent%2C_dmp_turbine%2Cgoogle%2Ccentro&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&init=true&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
eb7e691692074a51ad95e6c1cabb30d45e66c545b8d028fae6ace94a90e83da2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		856 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=tremornet%2Ccentro%2CBidswitch%2Cdynadmic%2Cmediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
2bd6384368e53e55ae1da857f2b387fcd27d2ae16a2d2986ff3fd8693a272e2b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		748 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=centro%2CBidswitch%2Cdynadmic%2Cmediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7cb2684d87a94d305f9780d2d2e6f4fb1023a3487f90e11dce73da4c4ece620e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		722 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=Bidswitch%2Cdynadmic%2Cmediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ab4d34fd3cfb26efb5e2806e2869c760ef89c01e5dc76b7c431d00bd5247ea20

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		763 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=dynadmic%2Cmediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
238f627754941864d33227ba1d2ddcdc2cb9a0021d6431025ad3631228dfffc3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		771 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=mediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d5e5f32ef3dcb28c15ec31d9d305a4d38776f6de57902f43ebe4e0302626d2ec

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		683 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=beachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0cefe1841b30d81689a0a39b3f98c77e36763607acd5349a93f06e64d002fbda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		690 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=madhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
6c9e90df541b7beb64ac1622ef22ab6b45c75fe6123e1a94a19785ab23dc64d5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		666 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=adtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
699f0d9590b667b0f009d591382cc9b7c0e13a08ffd67a3286b4bb3da4516598

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		694 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=deepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8b84623c84e43579c6e2d890de78a387a55dd5d9a0e8ed561cd86a0e029c15ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		729 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=advangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ecb71d348a4e2ff8b718782659850f16205da47610715fad0279efd82d8309c3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		671 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=_dmp_turbine%2C_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d3f1c662e17df833dc43643fbce771aa27d74db12d4baa18688a5d6a30eaf9f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		633 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=_dmp_krux%2C_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d61458a665ceca31abe727ad64b3d0cafba8d6698f71dfd26e0251be41f7ba6e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		634 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=_dmp_adobe%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
1b93029a1c36ea707d4eea296eb717f17d845593a60a701b5382d31a1a0b0c44

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		589 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0224741f7f1a6f09286718e00adc447e81f240441608372f0e061cbb820e2216

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		602 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
de94077acf16c052c361333a76162ff9ad664240e7e80ca58f714709a07a188b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		118 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=123f60a4cef0454396952f36fd687595&p=*&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
tpid=db205cfb03c046878407cd33e7e645dd
sync.crwdcntrl.net/map/c=12707/tp=TLRA/ Frame 657E 		49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=12707/tp=TLRA/tpid=db205cfb03c046878407cd33e7e645dd?
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.153.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-153-177.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.6.9
content-type
image/gif
content-length
49
expires
0
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/telaria?rid=123f60a4cef0454396952f36fd687595&
  • https://partners.tremorhub.com/sync?UIBM=61D59B7A8607CC6CD10D7DE8BLIS
43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIBM=61D59B7A8607CC6CD10D7DE8BLIS
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UIBM=61D59B7A8607CC6CD10D7DE8BLIS
date
Wed, 05 Jan 2022 13:22:05 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 657E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_hm=ZGIyMDVjZmIwM2MwNDY4Nzg0MDdjZDMzZTdlNjQ1ZGQ%3D&rid=123f60a4cef0454396952f36fd687595&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://dt.videohub.tv/ssframework/cookieSync.htm?UITR=db205cfb03c046878407cd33e7e645dd&url=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITR%3D%255Buser_id%255D&rid=123f60a4cef0454396952f36fd687595&
  • https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Location
https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Date
Wed, 05 Jan 2022 13:22:05 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=77&rid=123f60a4cef0454396952f36fd687595&
  • https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:04 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=tremor&rid=123f60a4cef0454396952f36fd687595&
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=tremor&ssp_uuid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=tremor&user_id=28139247-0eff-4704-8ee0-cb3e5e3591f0
  • https://partners.tremorhub.com/sync?UIBS=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIBS=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Location
//partners.tremorhub.com/sync?UIBS=20a5fbc5-73de-4467-b1a9-6b8c62cfc742
Date
Wed, 05 Jan 2022 13:22:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.php
gu.dyntrk.com/adx/tv/ Frame 657E 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/tv/us.php?dynk=tr1m3rvid38&tvuid=db205cfb03c046878407cd33e7e645dd&rid=123f60a4cef0454396952f36fd687595&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.118.168 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns571817.ip-51-161-118.net
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=59&redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIMM%3D%255Bmm_uuid%255D&rid=123f60a4cef0454396952f36fd687595&
  • https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Date
Wed, 05 Jan 2022 13:22:05 GMT
Server
MT3 4133 baa842e master iad-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:22:04 GMT
sync
sync.bfmio.com/ Frame 657E
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=128&rid=123f60a4cef0454396952f36fd687595&
  • https://x.bidswitch.net/sync?ssp=beachfront&user_id=1a63fcc3-1a56-4f35-8bf5-da845493f467
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=beachfront&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=beachfront&gdpr=0&user_id=xTkXxspqRMLeMBCWwDxewcY8RZfebULCx2tgqyZK
  • https://sync.bfmio.com/sync?pid=103&uid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&dsp_id=&dsp_uuid=&gdpr=0&gdpr_consent=&gdpr_pd=
0
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=103&uid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&dsp_id=&dsp_uuid=&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
HTTP/1.1
Server
35.173.82.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-82-50.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 13:22:04 GMT

Redirect headers

Location
//sync.bfmio.com/sync?pid=103&uid=20a5fbc5-73de-4467-b1a9-6b8c62cfc742&dsp_id=&dsp_uuid=&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 05 Jan 2022 13:22:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
tl
x.mdhv.io/ Frame 657E 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.mdhv.io/tl?db205cfb03c046878407cd33e7e645dd&rid=123f60a4cef0454396952f36fd687595&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:05 GMT
via
1.1 google
cache-control
no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-type
image/gif
content-length
0
expires
-1
CookieSyncTelaria
rtb.adentifi.com/ Frame 657E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTelaria?rid=123f60a4cef0454396952f36fd687595&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.169.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-169-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
store
match.deepintent.com/usersync/128/ Frame 657E 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/128/store?id=db205cfb03c046878407cd33e7e645dd&rid=123f60a4cef0454396952f36fd687595&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:04 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=203&redirect=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIAD%3D&7BPARTNER_VISITOR_ID%7D&rid=123f60a4cef0454396952f36fd687595&
  • https://partners.tremorhub.com/sync?UIAD=
43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAD=
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UIAD=
date
Wed, 05 Jan 2022 13:22:05 GMT
server
Apache-Coyote/1.1
content-length
0
v2
odr.mookie1.com/t/ Frame 657E 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_47358&src.visitorid=db205cfb03c046878407cd33e7e645dd&rid=123f60a4cef0454396952f36fd687595&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.90.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:05 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 657E 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=tremor_ssp&partner_uid=db205cfb03c046878407cd33e7e645dd&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1641388925
x-served-by
beacon-n036-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ibs:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd
dpm.demdex.net/ Frame 657E 		42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd?rid=123f60a4cef0454396952f36fd687595&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.165.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-165-61.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v023-07a8853ef.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7k2hCJPUQ2Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
sync.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 657E 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/telaria-rtb-network/1/rtb-h/?taboola_hm=db205cfb03c046878407cd33e7e645dd&orig=video&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25496
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 657E 		67 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=9531505&_fw_gdpr=0&_fw_gdpr_consent=undefined&loc=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&_fw_us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.218 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1641388925721070-287
tag
slckg-2p3vy.ads.tremorhub.com/ad/ Frame 657E 		789 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://slckg-2p3vy.ads.tremorhub.com/ad/tag?adCode=slckg-tefne&playerWidth=834&playerHeight=469&playerPosition=1&mediaTitle=%5Bvideo_title%5D&mediaDesc=%5Bvideo_description%5D&mediaId=%5Bvideo_id%5D&mediaUrl=%5Bvideo_url%5D&srcPageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&contentLength=%5Bvideo_duration%5D&gdpr=0&gdpr_consent=undefined&schain=1.0,1!connatix.com,102734,1,,,,&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:5d9:11f2:8a3:eea6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ce991ab910b4d5d3e6901da33c20218eade3470148559932ae0bd3343c9c4b6e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		810 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=_dmp_lotame%2C_dmp_krux%2Cmediamath%2Cadvangelists%2Cmadhive%2Cadtheorent%2Ccentro%2Ctremornet%2Cdeepintent%2Cgoogle%2Cbeachfront%2Cdynadmic%2C_dmp_turbine%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&init=true&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
db87f96c37964c300a1e14b46eed853cbaf0f679594ba0f0523662f918d17c01

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		831 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=tremornet%2Ccentro%2Cdynadmic%2Cmediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
63caaadeba0072cf03950aeefa88ed4d22a46300ddc4f6f9e601ced7988e2341

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		723 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=centro%2Cdynadmic%2Cmediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
44c3513847c2e241bf6b089c52479b77c6b1b8720bac030c99593733b8639762

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		750 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=dynadmic%2Cmediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
bc4f703b8a5ceb3192bece929966aa36ec63abbec760c256369b667ef15bf175

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		758 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=mediamath%2Cbeachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
c7121f6196ff51ed18523a8d356faea5d9241a95d6b7f0d1191a132eea6d262b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		670 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=beachfront%2Cmadhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ae55d382203e7ca4264edae52f77624e1e8138050953bce45d3f335347209a40

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		677 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=madhive%2Cadtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
51c5d863c77cea2a3a7400de4b79e05d8ec402ea27afaf3e297a202d9e17a73d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		653 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=adtheorent%2Cdeepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0e6ce74217578d8e40ae55c318807559c4e9fec8b55abfe41b2b43cbc3054d58

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		681 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=deepintent%2Cadvangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9393846288c48ac5c6819ce619e138f4ee8d01535a9498fc7e26982a287bf8f9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		716 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=advangelists%2C_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fed26b9a4831dd951494ad6682d4dd157ae4bb53e05358b09ee8cbda6e7c3594

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		658 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=_dmp_turbine%2C_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d139c4d745d92050b6cdb799c27b1503b5040a34506a0a52a31b44ccc3c2eb9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		620 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=_dmp_krux%2C_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3cc00c690f71707c422f24d03f41226b6e0ec19a060684028391d61961b0b8db

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		589 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=_dmp_lotame%2C_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fbe9d510ea45de189488ba8857b3c02ebe29f1f4ab960003e08d25cbf6421ef3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		602 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=_supply_taboola&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4f2bd1d22b043baa6944735a0ea65d01d356a2527f8fa655f0b0b4d89d854928

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
syncnoad
partners.tremorhub.com/ Frame 657E 		118 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partners.tremorhub.com/syncnoad?rid=02c140816319400899eda2f54eff8e90&p=*&uid=db205cfb03c046878407cd33e7e645dd&vv=3.0&gdpr=0&gdpr_consent=undefined
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-type
text/xml;charset=UTF-8
tpid=db205cfb03c046878407cd33e7e645dd
sync.crwdcntrl.net/map/c=12707/tp=TLRA/ Frame 657E 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=12707/tp=TLRA/tpid=db205cfb03c046878407cd33e7e645dd?
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.153.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-153-177.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:06 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.180
content-type
image/gif
content-length
49
expires
0
ibs:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd
dpm.demdex.net/ Frame 657E 		42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=197161&dpuuid=db205cfb03c046878407cd33e7e645dd?rid=02c140816319400899eda2f54eff8e90&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.165.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-165-61.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v023-0129724e9.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ib2Qm9bqTu0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pixel
cm.g.doubleclick.net/ Frame 657E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_hm=ZGIyMDVjZmIwM2MwNDY4Nzg0MDdjZDMzZTdlNjQ1ZGQ%3D&rid=02c140816319400899eda2f54eff8e90&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://dt.videohub.tv/ssframework/cookieSync.htm?UITR=db205cfb03c046878407cd33e7e645dd&url=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUITR%3D%255Buser_id%255D&rid=02c140816319400899eda2f54eff8e90&
  • https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Location
https://partners.tremorhub.com/sync?UITR=%5Buser_id%5D
Date
Wed, 05 Jan 2022 13:22:06 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=77&rid=02c140816319400899eda2f54eff8e90&
  • https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:05 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://partners.tremorhub.com/sync?UICT=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
us.php
gu.dyntrk.com/adx/tv/ Frame 657E 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/tv/us.php?dynk=tr1m3rvid38&tvuid=db205cfb03c046878407cd33e7e645dd&rid=02c140816319400899eda2f54eff8e90&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.161.118.168 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns571817.ip-51-161-118.net
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=59&redir=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIMM%3D%255Bmm_uuid%255D&rid=02c140816319400899eda2f54eff8e90&
  • https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

Date
Wed, 05 Jan 2022 13:22:06 GMT
Server
MT3 4133 baa842e master iad-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://partners.tremorhub.com/sync?UIMM=%5Bmm_uuid%5D
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Jan 2022 13:22:05 GMT
sync
sync.bfmio.com/ Frame 657E
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=128&rid=02c140816319400899eda2f54eff8e90&
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D147%26uid%3D%24%7Bssky_uuid%7D
  • https://sync.bfmio.com/sync?pid=147&uid=d6.4f465466129a4da8a25924fdcf457aa9
0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=147&uid=d6.4f465466129a4da8a25924fdcf457aa9
Protocol
HTTP/1.1
Server
35.173.82.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-82-50.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Jan 2022 13:22:06 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=147&uid=d6.4f465466129a4da8a25924fdcf457aa9
date
Wed, 05 Jan 2022 13:22:06 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-length
0
x-xss-protection
1; mode=block
tl
x.mdhv.io/ Frame 657E 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.mdhv.io/tl?db205cfb03c046878407cd33e7e645dd&rid=02c140816319400899eda2f54eff8e90&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:06 GMT
via
1.1 google
cache-control
no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-type
image/gif
content-length
0
expires
-1
CookieSyncTelaria
rtb.adentifi.com/ Frame 657E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTelaria?rid=02c140816319400899eda2f54eff8e90&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.169.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-169-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
store
match.deepintent.com/usersync/128/ Frame 657E 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/128/store?id=db205cfb03c046878407cd33e7e645dd&rid=02c140816319400899eda2f54eff8e90&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sync
partners.tremorhub.com/ Frame 657E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=203&redirect=https%3A%2F%2Fpartners.tremorhub.com%2Fsync%3FUIAD%3D&7BPARTNER_VISITOR_ID%7D&rid=02c140816319400899eda2f54eff8e90&
  • https://partners.tremorhub.com/sync?UIAD=
43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIAD=
Protocol
H2
Server
2600:1f18:612b:4232:e16:c052:477e:6871 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
https://partners.tremorhub.com/sync?UIAD=
date
Wed, 05 Jan 2022 13:22:06 GMT
server
Apache-Coyote/1.1
content-length
0
v2
odr.mookie1.com/t/ Frame 657E 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_47358&src.visitorid=db205cfb03c046878407cd33e7e645dd&rid=02c140816319400899eda2f54eff8e90&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.90.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:06 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 657E 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=tremor_ssp&partner_uid=db205cfb03c046878407cd33e7e645dd&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.75.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-75-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1641388926
x-served-by
beacon-n038-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 657E 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/telaria-rtb-network/1/rtb-h/?taboola_hm=db205cfb03c046878407cd33e7e645dd&orig=video&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30234
514171
vid.springserve.com/vast/ Frame 657E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.161.36 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e22ceb85d9003064316ef62f7bfac2885b6dace2f90f36e2bcc608bcbd631511

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
vpaid_25214542.js
vpaid.springserve.com/production/ Frame 4A52 		495 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:6a00:15:6f6c:b180:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 11:38:17 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 18:30:16 GMT
server
AmazonS3
age
2079831
etag
W/"185feb14359001049d144410afbeaaa4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
E85CrWMnA4pXv6qufgVFc5zINrQGm0N9224yS7yLBG4vxOeroDaBdA==
prebid
ib.adnxs.com/ut/v3/ Frame 4A52 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
457bc9445a28af60d4762b1f45ec8588f1953e050b60642385392c5e05d2b8a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:07 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c59bae65-4356-402d-b348-102b01d4ddee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 4A52 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.253.192 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ Frame 4A52 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.253.192 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame 4A52 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads.adaptv.advertising.com/a/h/ Frame 4A52 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388926966&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.253.192 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
c207445e576fd50219748f0dab6904d65385ca7a42a146d6d21cc8220635a30c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
954
expires
0
abt
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:22:06 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
o2shim
acds.prod.vidible.tv/ Frame 090B 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=3e78453b-3c3f-45cd-bd28-a70393e1cef4&pblob=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.75.183 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
20d7480c779d56a8e3f23e7e1e79c260ff626d1f200a4e48380174498d9f77a5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:07 GMT
content-encoding
gzip
access-control-max-age
3600
access-control-allow-methods
POST, GET, HEAD, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
content-length
6639
st
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:22:07 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/ Frame 090B 		319 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=3e78453b-3c3f-45cd-bd28-a70393e1cef4&pblob=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 03 Jan 2022 18:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153546
x-amz-server-side-encryption
AES256
x-amz-storage-class
STANDARD_IA
vary
Accept-Encoding
content-length
104909
x-amz-id-2
AhQkdYKdce1ExzKsXP2P2K2CHBLHNFh26M88Dpu0LUfIkYZBIZWaXaH0lfIzCdRsGdzzreBOCPg=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Oct 2021 12:07:18 GMT
server
ATS
etag
"ad866575d644f8b5c5d7a56ff730d7e3-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-request-id
PQ43YJNT229003CA
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
null
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame 090B 		43 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=603d9102810cd10001d1d12f&s=true&pv=10.2.82&ifr=true&cb=0.24398866692681564&pt=o2unit&sid=14e995fa-685f-4a0d-b4c0-b1c6cab5c92a&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.174.17 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:08 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.3
content-type
image/gif
content-length
43
expires
Wed, 05 Jan 2022 13:22:08 GMT
moatapi.js
z.moatads.com/aolvidibleapi29384728347/ Frame 4A52 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:08 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 18:37:38 GMT
server
AmazonS3
x-amz-request-id
036919206159672E
etag
"d678022569896f7b7293494e3a69c8c7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56747
accept-ranges
bytes
content-length
44266
x-amz-id-2
fx43jrWBGftJjym5bkMOBwHhjr6LsJZCk1hxLW/uTSAnpDbgtAjDueY/1hjMcGJGrFWPPwtxR9o=
VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads.adaptv.advertising.com/a/h/ Frame 090B 		249 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388926966&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=%5Bscpid%5D&hp=%5Bhp%5D&eov=eov&pi.width=640&pi.height=480&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=469&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=834
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.253.192 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
display.gif
trk.vidible.tv/trk/ Frame 090B 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&s=true&sid=14e995fa-685f-4a0d-b4c0-b1c6cab5c92a&vvuid=ad19b311-7e7b-4153-ade3-0e7ea711e7d2&orgId=28949&plcid=1279691&vrid=3e78453b-3c3f-45cd-bd28-a70393e1cef4&ab=0&dt=253&h=469&spaceid=793604934&w=834&cb=0.7304536985931407
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.174.17 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:08 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.3
content-type
image/gif
content-length
43
expires
Wed, 05 Jan 2022 13:22:08 GMT
ad-request.gif
trk.vidible.tv/trk/ Frame 090B 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&s=true&sid=14e995fa-685f-4a0d-b4c0-b1c6cab5c92a&vvuid=ad19b311-7e7b-4153-ade3-0e7ea711e7d2&orgId=28949&plcid=1279691&vrid=3e78453b-3c3f-45cd-bd28-a70393e1cef4&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=100&vwa=0&vwm=-1&cb=0.6998576359023001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.174.17 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:08 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.3
content-type
image/gif
content-length
43
expires
Wed, 05 Jan 2022 13:22:08 GMT
ad-engine-request.gif
trk.vidible.tv/trk/ Frame 090B 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&s=true&sid=14e995fa-685f-4a0d-b4c0-b1c6cab5c92a&vvuid=ad19b311-7e7b-4153-ade3-0e7ea711e7d2&orgId=28949&plcid=1279691&vrid=3e78453b-3c3f-45cd-bd28-a70393e1cef4&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=834&p.vw.active=1&p.vw.sound=100&vwa=0&vwm=-1&h=469&cb=0.10182965722807413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.174.17 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:08 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.3
content-type
image/gif
content-length
43
expires
Wed, 05 Jan 2022 13:22:08 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1641388928299&de=752342334354&d=292%3A-%3A-%3A-&bo=bleepingcomputer.com&bd=bleepingcomputer.com&f=0&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 05 Jan 2022 13:22:08 GMT
ad-engine-response.gif
trk.vidible.tv/trk/ Frame 090B 		0
0
bc2
bc-ssb-cle.springserve.com/ Frame 4A52 		20 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-ssb-cle.springserve.com/bc2?r=c104b96f-c345-4bee-9000-e1f8e9eb44cf-s.514171-d.528021-dc.132380&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.141.222 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
20
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
i
vid-io-cle.springserve.com/vd/ Frame 4A52 		0
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=c104b96f&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.211.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:09 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 657E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame EE17 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_18&description_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2227509755534534&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=513632403&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=1AF3BFB2-626A-496C-BEFC-9D375E0DFE86&nel=1&eid=21064201%2C44737473%2C44750604&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&loc=about%3Ablank&dlt=1641388911787&idt=2605&dt=1641388929116&cookie=ID%3D943cf567a505fdc5%3AT%3D1641388912%3AS%3DALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg&scor=41820221545803&ged=ve4_td17_tt15_pd17_la17000_er1621.479.1780.785_vi0.0.1200.1600_vp0_ts13_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 657E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 973E 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_10&description_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1422885339969204&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=2779254812&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=42E53C53-B51F-48B1-947F-D8FC20DAF166&nel=1&eid=44750604%2C44750823%2C44752657&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&loc=about%3Ablank&dlt=1641388911787&idt=2681&dt=1641388929762&cookie=ID%3D943cf567a505fdc5%3AT%3D1641388912%3AS%3DALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg&scor=3844313861168951&ged=ve4_td18_tt16_pd18_la18000_er1621.479.1780.785_vi0.0.1200.1600_vp0_ts7_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 657E 		48 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&cb=0fb6bacd-4016-41ec-8c01-6745d66131af&vwd=834&vht=469&gdpr=0&gdpr_consent=undefined&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:10 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
media
direct.ad.cpe.dotomi.com/cvx/client/direct/ Frame 657E 		68 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/cvx/client/direct/media?sid=210060&placement_id=951c4b8&vpaid=2&m=11&mdf=mp4&vastver=2
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:ae80:1451:17::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:10 GMT
server
nginx
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
dc_oe=ChMIt77Wm9qa9QIVFAiICR0u3Af3EAAYACCDzKFM;met=1;&timestamp=1641388930664;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame EA6E 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIt77Wm9qa9QIVFAiICR0u3Af3EAAYACCDzKFM;met=1;&timestamp=1641388930664;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI4aDsm9qa9QIVkwRoCB3Oxw72EAAYACCDzKFM;met=1;&timestamp=1641388930848;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2D5A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4aDsm9qa9QIVkwRoCB3Oxw72EAAYACCDzKFM;met=1;&timestamp=1641388930848;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMItLDWm9qa9QIVQ6WfCh2bsg84EAAYACDuhfVL;met=1;&timestamp=1641388930970;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6C9B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItLDWm9qa9QIVQ6WfCh2bsg84EAAYACDuhfVL;met=1;&timestamp=1641388930970;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abt
capi.connatix.com/tr/ Frame 657E 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:22:11 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
514171
vid.springserve.com/vast/ Frame 657E 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.161.36 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
83bab880a0de1e62bf78df1be20b053ee67c32951e01581387dc3bbb0ea61fbe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
vpaid_25214542.js
vpaid.springserve.com/production/ Frame 393B 		495 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:6a00:15:6f6c:b180:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 11:38:17 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 18:30:16 GMT
server
AmazonS3
age
2079837
etag
W/"185feb14359001049d144410afbeaaa4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
f5UVI4GMNercntLcwlRtUBqVrDMiUj6Jy6bQBAVEOmlxwIO7G2jBlA==
prebid
ib.adnxs.com/ut/v3/ Frame 393B 		165 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c0aa1ad0dabf82098d546036334ebda9ceddc3840ff4390836cf422d523d4b9a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:13 GMT
X-Proxy-Origin
92.119.19.73; 92.119.19.73; 576.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
2dc0c3b6-16c4-4706-bc46-1c35205177f6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
165
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 393B 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
ads.adaptv.advertising.com/rtb/ Frame 393B 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.253.192 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ Frame 393B 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.253.192 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads.adaptv.advertising.com/a/h/ Frame 393B 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388933121&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.253.192 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e1adc1aae1fc03eeb7e55e09cece19cb8520409250b98c8950dc8b3ae58ea35f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
952
expires
0
o2shim
acds.prod.vidible.tv/ Frame AA86 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=c428117c-10e6-46ea-9df6-f4fa42b4d2b3&pblob=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.75.183 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e647e5c51ad1e9a955261f5cb1a3dca39af56995baa6865fd0f47ae4a39e2ab9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:13 GMT
content-encoding
gzip
access-control-max-age
3600
access-control-allow-methods
POST, GET, HEAD, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
content-length
6643
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/ Frame AA86 		319 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1279691&orgId=28949&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=bleepingcomputer.com%2F&vrid=c428117c-10e6-46ea-9df6-f4fa42b4d2b3&pblob=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 03 Jan 2022 18:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153551
x-amz-server-side-encryption
AES256
x-amz-storage-class
STANDARD_IA
vary
Accept-Encoding
content-length
104909
x-amz-id-2
AhQkdYKdce1ExzKsXP2P2K2CHBLHNFh26M88Dpu0LUfIkYZBIZWaXaH0lfIzCdRsGdzzreBOCPg=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Oct 2021 12:07:18 GMT
server
ATS
etag
"ad866575d644f8b5c5d7a56ff730d7e3-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-request-id
PQ43YJNT229003CA
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
null
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame AA86 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=603d9102810cd10001d1d12f&s=true&pv=10.2.82&ifr=true&cb=0.15957897562836432&pt=o2unit&sid=b5596b31-64d9-4851-b26a-41b7fc591421&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.174.17 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.3
content-type
image/gif
content-length
43
expires
Wed, 05 Jan 2022 13:22:13 GMT
moatapi.js
z.moatads.com/aolvidibleapi29384728347/ Frame 393B 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 18:37:38 GMT
server
AmazonS3
x-amz-request-id
036919206159672E
etag
"d678022569896f7b7293494e3a69c8c7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56742
accept-ranges
bytes
content-length
44266
x-amz-id-2
fx43jrWBGftJjym5bkMOBwHhjr6LsJZCk1hxLW/uTSAnpDbgtAjDueY/1hjMcGJGrFWPPwtxR9o=
VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads-ec.v.ssp.yahoo.com/a/h/ Frame AA86
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388933121&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=%5Bscpid%5D&hp=%5Bhp%5D&eov=eov&pi.width=640&p...
  • https://ads-ec.v.ssp.yahoo.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388933121&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=%5Bscpid%5D&hp=%5Bhp%5D&eov=eov&pi.width=640&pi.he...
249 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-ec.v.ssp.yahoo.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388933121&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=%5Bscpid%5D&hp=%5Bhp%5D&eov=eov&pi.width=640&pi.height=480&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=469&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=834&a.y_rid=fe24ddfb-1759-42dd-a026-eba63787f4a4&a.is_yahoo=3&redirect_y=dHM9MTY0MTM4ODkzMzc1MS42Mjg0MTg6dXVpZD0iMjUzMzgxMDg3MTc0NTM0MjY5OV9fVElNRV9fMjAyMi0wMS0wNSswNSUzQTIyJTNBMDgiOmFwaWQ9VkE3YjZlMzJjNy02ZTJhLTExZWMtOGFmMi0wZWZkZDFhOGRlYjM6cmVxdWVzdF9pZD1mZTI0ZGRmYi0xNzU5LTQyZGQtYTAyNi1lYmE2Mzc4N2Y0YTQ=
Protocol
HTTP/1.1
Server
35.173.146.224 -, , ASN (),
Reverse DNS
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 05 Jan 2022 13:22:14 GMT
content-encoding
gzip
server
ATS/9.1.0.33
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.bleepingcomputer.com
content-type
text/plain
location
https://ads-ec.v.ssp.yahoo.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1641388933121&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=%5Bscpid%5D&hp=%5Bhp%5D&eov=eov&pi.width=640&pi.height=480&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=469&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=834&a.y_rid=fe24ddfb-1759-42dd-a026-eba63787f4a4&a.is_yahoo=3&redirect_y=dHM9MTY0MTM4ODkzMzc1MS42Mjg0MTg6dXVpZD0iMjUzMzgxMDg3MTc0NTM0MjY5OV9fVElNRV9fMjAyMi0wMS0wNSswNSUzQTIyJTNBMDgiOmFwaWQ9VkE3YjZlMzJjNy02ZTJhLTExZWMtOGFmMi0wZWZkZDFhOGRlYjM6cmVxdWVzdF9pZD1mZTI0ZGRmYi0xNzU5LTQyZGQtYTAyNi1lYmE2Mzc4N2Y0YTQ=
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
display.gif
trk.vidible.tv/trk/ Frame AA86 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&s=true&sid=b5596b31-64d9-4851-b26a-41b7fc591421&vvuid=8c5a7e5c-1561-47da-980c-1d1379ec7cc1&orgId=28949&plcid=1279691&vrid=c428117c-10e6-46ea-9df6-f4fa42b4d2b3&ab=0&dt=111&h=469&spaceid=793604934&w=834&cb=0.5964658928129407
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.174.17 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.3
content-type
image/gif
content-length
43
expires
Wed, 05 Jan 2022 13:22:13 GMT
ad-request.gif
trk.vidible.tv/trk/ Frame AA86 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&s=true&sid=b5596b31-64d9-4851-b26a-41b7fc591421&vvuid=8c5a7e5c-1561-47da-980c-1d1379ec7cc1&orgId=28949&plcid=1279691&vrid=c428117c-10e6-46ea-9df6-f4fa42b4d2b3&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=100&vwa=0&vwm=-1&cb=0.9144963002120434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.174.17 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.3
content-type
image/gif
content-length
43
expires
Wed, 05 Jan 2022 13:22:13 GMT
ad-engine-request.gif
trk.vidible.tv/trk/ Frame AA86 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&s=true&sid=b5596b31-64d9-4851-b26a-41b7fc591421&vvuid=8c5a7e5c-1561-47da-980c-1d1379ec7cc1&orgId=28949&plcid=1279691&vrid=c428117c-10e6-46ea-9df6-f4fa42b4d2b3&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=834&p.vw.active=1&p.vw.sound=100&vwa=0&vwm=-1&h=469&cb=0.7529703017480704
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.174.17 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:13 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.3
content-type
image/gif
content-length
43
expires
Wed, 05 Jan 2022 13:22:13 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1641388933787&de=938655121644&d=12%3A-%3A-%3A-&bo=bleepingcomputer.com&bd=bleepingcomputer.com&f=0&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 05 Jan 2022 13:22:13 GMT
g
capi.connatix.com/rtb/ Frame 657E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=144267
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.166.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-166-79.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
c5c57b0da319215591dde819ae77e437636ef4afe4a94d13e8b74b87988c9b05

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 05 Jan 2022 13:22:13 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
881
ad-engine-response.gif
trk.vidible.tv/trk/ Frame AA86 		0
0
bc2
bc-ssb-cle.springserve.com/ Frame 393B 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-ssb-cle.springserve.com/bc2?r=f7936fa8-ba25-46e9-a468-d7fb2c23fd51-s.514171-d.528021-dc.132380&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.141.222 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ec81883165ab62da081d30a61477cc026552bb2ea7937a6342193fa91359f9b6

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
627448
vid.springserve.com/vast/ Frame 393B 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/627448?w=640&h=480&cb=4341302024010&url=bleepingcomputer.com&ip=92.119.19.73&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&dnt=&gdpr_consent=&gdpr=&us_privacy=&schain=&ip=92.119.19.73&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&lat=37.751&lon=-97.822&dnt=&desc=&ic=&dur=&ap=&app_bundle=&app_name=&app_store_url=&inv_partner_domain=&vid=&min_dur=&max_dur=&mute=&placement=&skip=&prodq=&content_id=&content_episode=&content_title=&content_series=&content_season=&content_genre=&content_livestream=&content_producer_name=&rating=&channel_name=&language=&network_name=&did=&pp=%7B%7BPRICE_PAID%7D%7D&device_make=Google&device_model=Chrome&brand_name=Google&country=US&ifa_type=&gdpr_consent=&gdpr=&us_privacy=&payid=a24eb6%3A1224&schain=&coppa=&lmt=&omidpn=%7B%7BOMID_PN%7D%7D&omidpv=%7B%7BOMID_PV%7D%7D&_bchc=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.161.36 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
45547034579c50c88ba2361cd868c4a2dfc1e185a04fe6aabb88994809b1b526

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
vpaid_25214542.js
vpaid.springserve.com/production/ Frame 5219 		495 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:6a00:15:6f6c:b180:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 11:38:17 GMT
content-encoding
br
last-modified
Fri, 19 Nov 2021 18:30:16 GMT
server
AmazonS3
age
2079838
etag
W/"185feb14359001049d144410afbeaaa4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
mPGLUKiNCbD801V8Ag-E1-VwdRsT6IrxpwTEOrinw7aMl8o09kpEJw==
ima3vpaid
tpc.googlesyndication.com/ Frame 5219 		861 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F7103%2FSMG_SpringServe%2Fpreroll%2Fsyndication_9%26description_url%3Dbleepingcomputer.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1641388934628%26ord%3D1641388934%26gdpr_consent%3D%26gdpr%3D&type=all
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c80d4c5696cec395d003b6e76e288b065ef35cb188743d8c74e7b5a0658d07e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
533
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 6C73 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/7103/SMG_SpringServe/preroll/syndication_9%26description_url%3Dbleepingcomputer.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1641388934628%26ord%3D1641388934%26gdpr_consent%3D%26gdpr%3D%26channel%3Dvastadp
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
034ae1829661bf4346b82a47b13edab78261609b952e240d174937a432d726d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16293
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 16:11:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:37:15 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6C73 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/7103/SMG_SpringServe/preroll/syndication_9%26description_url%3Dbleepingcomputer.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1641388934628%26ord%3D1641388934%26gdpr_consent%3D%26gdpr%3D%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Wed, 05 Jan 2022 13:22:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C73 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.6881198779426352&wt=1641388935077&sdkv=h.3.494.0&xai=undefined&url=3,https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/7103/SMG_SpringServe/preroll/syndication_9%26description_url%3Dbleepingcomputer.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1641388934628%26ord%3D1641388934%26gdpr_consent%3D%26gdpr%3D%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Jan 2022 13:22:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame D96C 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Thu, 30 Dec 2021 20:19:52 GMT
expires
Fri, 30 Dec 2022 20:19:52 GMT
last-modified
Thu, 23 Dec 2021 20:15:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
493343
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6C73 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jan 2022 13:22:15 GMT
integrator.js
adservice.google.com/adsid/ Frame 6C73 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9EF7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 12:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Jan 2022 13:35:43 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D96C 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_SpringServe%2Fpreroll%2Fsyndication_9&description_url=bleepingcomputer.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2117961702246106&ord=1641388934&gdpr_consent&gdpr&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.494.0%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=420007834&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=685B7F70-A6AA-4B17-B48A-58B7527D7683&nel=0&eid=44750604&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&dt=1641388935405&cookie=ID%3D943cf567a505fdc5%3AT%3D1641388912%3AS%3DALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg&scor=2403030254260714&ged=ve4_td0_er1465.215.1934.1049_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
vid-io-cle.springserve.com/vd/ Frame 5219 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=17fea4d0&ps_id=627448&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.211.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
integrator.js
adservice.google.com/adsid/ Frame 657E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Jan 2022 13:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame E4A5 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597229605%2FSMG_Connatix%2Fpreroll%2Fsyndication_18&description_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4174447925705477&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3102474806&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=E4D6D6A9-1337-4780-A2C6-CD878C04817B&nel=1&eid=44750604&top=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&loc=about%3Ablank&dlt=1641388911787&idt=2510&dt=1641388935602&cookie=ID%3D943cf567a505fdc5%3AT%3D1641388912%3AS%3DALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg&scor=981546382672441&ged=ve4_td24_tt22_pd24_la24000_er1621.479.1780.785_vi0.0.1200.1600_vp0_ts12_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
vid-io-cle.springserve.com/vd/ Frame 393B 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=f7936fa8&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.211.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Wed, 05 Jan 2022 13:22:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjcwOGQxZWItMzNkZC0yZWY3LWY2NGItZmMzNjE1OWE3NTQ5&gdpr=0&gdpr_consent=undefined
Domain
trk.vidible.tv
URL
https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&s=true&sid=14e995fa-685f-4a0d-b4c0-b1c6cab5c92a&vvuid=ad19b311-7e7b-4153-ade3-0e7ea711e7d2&orgId=28949&plcid=1279691&vrid=3e78453b-3c3f-45cd-bd28-a70393e1cef4&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=834&aert=388&ar=no&fo=0&ft=0&h=469&cb=0.33106338883335673
Domain
trk.vidible.tv
URL
https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=603d9102810cd10001d1d12f&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&s=true&sid=b5596b31-64d9-4851-b26a-41b7fc591421&vvuid=8c5a7e5c-1561-47da-980c-1d1379ec7cc1&orgId=28949&plcid=1279691&vrid=c428117c-10e6-46ea-9df6-f4fa42b4d2b3&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=834&aert=576&ar=no&fo=0&ft=0&h=469&cb=0.425175937835812

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 function| $ function| jQuery function| cnxps object| freestar object| apd_options function| gtag object| dataLayer object| adsbygoogle function| Blazy object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop function| loadDeferredStyles function| raf object| __cfBeacon boolean| fifabAlready function| fi_fab object| google_tag_manager undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_tag_data string| GoogleAnalyticsObject function| ga object| fsdata object| _comscore object| fsprebid string| google_user_agent_client_hint object| cnx_usr_storage object| oattr function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| load_script object| googletag boolean| __@@##MUH object| google_image_requests object| fiUtils object| $customVisiblity object| $waitOn object| gaplugins object| gaData object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| udm_ object| ns_p object| COMSCORE function| Tapad function| fsprebidChunk object| _pbjsGlobals object| mnet object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked object| player_instance_34b3ae7697f14aa3a918e46ee335cdae object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| apstag object| _qevents object| closure_lm_743431 object| ABEWHP2 function| ABEWHP3 object| xop boolean| apstagLOADED function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| google_llp object| audSegDataResp string| kruxScriptId string| kruxIdScriptId string| kruxDataId string| kruxWhitelistSegments object| kruxScript function| checkMatchingSegments function| generateUUID function| getUserId function| getPageId function| getPageLog function| calculateDocumentType function| calculateReferer function| clientWindowHeight function| clientWindowWidth function| getBrowserSize function| firePageLog function| fireDataCall function| Krux function| ic_krux_getuserid string| IC_FS_PAGE_ID string| IC_FS_PAGE_REFERER undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus boolean| creativeVendorLibraryLoaded object| EE70hY2 function| EE70hY3 function| xblocker object| UcbBlC function| UcbBlf function| xblacklist object| ID5 object| PublisherCommonId number| infolinks_pid object| $iceboot object| INFOLINKS function| _typeof object| $ice object| $infolinks number| $iceId boolean| DFPSFMessageEnabled function| hb_iceChunk object| hb_ice object| $ICE_HB object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| vttjs function| WebVTT function| ILVideo number| depth object| goog_ddm_ps object| GoogleGcLKhOms function| cnxAddEventListener

328 Cookies

Domain/Path Name / Value
www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware Name: ntvSession
Value: {}
www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware Name: logglytrackingsession
Value: 39e950b0-81f2-45a8-8970-8cec492124a8
.resetdigital.co/csync Name: ckbk
Value: 00000093F8F2077A
.3lift.com/sync Name: sync
Value: CgoIgQIQyZ6d0-IvCgoI4gEQyZ6d0-IvCgoI5gEQyZ6d0-IvCgoIhwIQyZ6d0-IvCgkICRDJnp3T4i8KCQg6EMmendPiLwoJCAsQyZ6d0-IvCgoIjAIQyZ6d0-IvCgoIngIQyZ6d0-IvCgkIXxDJnp3T4i8=
.mrtnsvr.com/sync Name: userId
Value: MfRdyeb4M
.t.sidekickopen07.com/ Name: _hetc
Value: 72f1e4df-d861-4e86-a3ec-dce8a91fbc4b|1641388911039|ACOD57cwLAIUMxrbbfdO/W+kLrZzOvqy561bRMgCFEOqIxbKAIGIsJAo1viAKbK0OWck
.bleepingcomputer.com/ Name: session_id
Value: 4ef319ab22805e41e8b13238bc669134
www.bleepingcomputer.com/ Name: lav
Value: 11534
www.bleepingcomputer.com/ Name: fsbotchecked
Value: true
www.bleepingcomputer.com/ Name: __atuvc
Value: 1%7C1
www.bleepingcomputer.com/ Name: __atuvs
Value: 61d59b7003e70133000
.addthis.com/ Name: ouid
Value: 61d59b70000175cefe9a7f7b8289ed7ee0348130bf2cab591a33
.addthis.com/ Name: di2
Value: aVQXS#&0x#&*g#%Os#%Or#%Km#%Kf#%IX#%IQ#%HV#%F|#%FS#%FR#%FQ#%E~#%/p#%/o#%/n#%$~#$Mr#$M`#$Ll#$L^#$LZ#$Gr#$CT#$7r#$1~#$0|#$+U#$)|#$){#$(w#$(T#$(S#$(R#$(Q#$$c#$$b#$!}##NW##Mz##Md##LU##Iz##Ix##Gr##Ed##Eb##EZ##Bq##Bp##@q##>W##>U##'V###l#!0}#!/p#!$s#!!xPNePNdPNcPNbPDtPC]PC[P<nP8UP7sP7rP7qP7mP7lP7kP2SO1iO1hO1gO(rO(qO(pO(cO(bO'vO'uN+gN+QN'yN#xMLcM?gM?fM>VM>UM>TM>SM>RM>QM7oM7nM7mM7lM7]M7XM-{M-rM-qM+}M+zM*fM'fM'bM&oM&nM&mM&^M&]M&[LFTLEsLErLEqLEpLDkL.wJEXJ&ZJ&YJ&XJ&WJ&VJ&UJ#|J#{J#sJ#rIIYIIXIHcIHbIH[IFcIFbICiI?VI?UI6rI5fI5TI5SI3|I3{I3yI3rI2bI1oI/}I/|I/jI+lG2qG$m$+S83}7>Z7:m77h77g7.k7.b7-~7-}7*o7*k7)|7)m7'h7'g7#t6L]6L[6Kh6Kg6Hu6Hq6Hp6Ho6Hn6Hm6FW6FV6C{6@t6@s5)z5)y5)`5)_5)^5(n5(b5'~4JX4?Z4=a4=^0%w0%v0%q)1i)1b#<On#<2m#<*{#<!]#9Oh#9NU#92q#8N_#89R#88i#88f#82f#70p#70U#7.U#5Nv#5.j#5.g#5-W#5'u#4F_#4Dq#49e#44f#41S#4'p#4'V#3<g#3<d#36f#30X#3'g#2GR#2([#2'Q#0K[#08^#08W#01m#01j#0/]#/$^#-N[#*/}#*/{#*/R#*.~#*&]#*&Z#)N}#)N{#)Gc#)Ga#)-i#)-g#)-e#)*V#)*T#))~#))|#(8k#(5i#(5Q#(4~#(/]#'FX#'E{#'8f#'&U#'&T#&He#&GQ#&@r#&@q#&@p#&<]
.addthis.com/ Name: bt2
Value: 61d59b70001Es0002001Cs0002
.addthis.com/ Name: um
Value: j.'2022010513215222200080786991'
.addthis.com/ Name: uid
Value: 61d59b707ce4b19a
.addthis.com/ Name: na_id
Value: 2022010513215222200080786991
.addthis.com/ Name: vc
Value: 2
.addthis.com/ Name: uvc
Value: 1%7C1
www.bleepingcomputer.com/ Name: _fssid
Value: 2db4f7de-7ea9-4bf9-bd22-35a759796b26
cdn.firstimpression.io/ Name: OAID
Value: ac708aee8f36f7ef8fe3dd9e497e5635
.addthis.com/ Name: loc
Value: MzcwMTNOQVVTVE4yMTYwMDkzNDY1OTAwMDBDSA==
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.951479884.1641388912
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.349757263.1641388912
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1T3X7YDOO0MEMA6OJI7FR5g1641388913
.reddit.com/ Name: csv
Value: 2
capi.connatix.com/ Name: cnx_userId
Value: ea5e916b51b048cabf316983e9db96c7
www.bleepingcomputer.com/ Name: cnx_userId
Value: ea5e916b51b048cabf316983e9db96c7
.turn.com/ Name: uid
Value: 3747225568690969523
.adsrvr.org/ Name: TDID
Value: 1a63fcc3-1a56-4f35-8bf5-da845493f467
.adnxs.com/ Name: uuid2
Value: 6285311477415990070
.casalemedia.com/ Name: CMID
Value: YdWbcBgovym-M.HPZmH3eQAA
.casalemedia.com/ Name: CMPS
Value: 2847
.spotxchange.com/ Name: audience
Value: 7275e6a9-6e2a-11ec-a4f5-1ff67a7c0503
.bidr.io/ Name: bito
Value: AAFt-E7DqzcAABFrhrnOiw
.bidr.io/ Name: bitoIsSecure
Value: ok
.tremorhub.com/ Name: tvid
Value: db205cfb03c046878407cd33e7e645dd
.tremorhub.com/ Name: tv_UISCX
Value: ea5e916b51b048cabf316983e9db96c7
.casalemedia.com/ Name: CMPRO
Value: 946
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 54621527-E2AF-48B3-9A20-16DF7E99F819
.pubmatic.com/ Name: DPSync3
Value: 1642550400%3A197_201%7C1641945600%3A164%7C1641427200%3A174
www.bleepingcomputer.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bleepingcomputer.com/ Name: _pubcid
Value: a8ba9641-1c73-4b3d-9b45-203e79f1ab5b
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YdWbcQADT-oI8wAm
.deepintent.com/ Name: CDIUSER
Value: di_6448d1ce387e4b048a149
.acuityplatform.com/ Name: auid
Value: 637414288351
.mathtag.com/ Name: uuid
Value: 050e61d5-9b71-4f00-a1bc-dfd497875439
.adform.net/ Name: C
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b7384056-859f-46a4-4a9b-fce3c6d0306b.9nYZ90i3KmDvkG5I0eGoZdgq%2BguM%2F8wsZzHwtYFYh%2FQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-b7384056-859f-46a4-4a9b-fce3c6d0306b%24ip%2492.119.19.73.oWcuMu5ip9h%2FoY%2BQbZP3pxjb7utzGsg8Qy2DCf5tADE
.simpli.fi/ Name: suid
Value: 1D5525D15A044016B14FBC531747C717
.w55c.net/ Name: wfivefivec
Value: GI2D34ul1N56eJ5
.inmobi.com/ Name: idsp_c
Value: 7d00d6a9-384d-4a07-aea7-14a7f41eb807
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q6946753131882517221P
.owneriq.net/ Name: pmc
Value: 1
.adform.net/ Name: uid
Value: 8664334389647396867
.doubleclick.net/ Name: IDE
Value: AHWqTUkppH-W-4F0H5VV0RlQhDbxeU6OKxEQZYgzJjNraS3GmcmldJ6wr2vKYGHejX8
.w55c.net/ Name: matchpubmatic
Value: 5
.rlcdn.com/ Name: pxrc
Value: CPG21o4GEgUI6AcQABIFCOhHEAA=
.deployads.com/ Name: d7s_uid
Value: r58nshkwbqsa
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-7d00d6a9-384d-4a07-aea7-14a7f41eb807&KRTB&23266-7d00d6a9-384d-4a07-aea7-14a7f41eb807&KRTB&23285-7d00d6a9-384d-4a07-aea7-14a7f41eb807
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:1D5525D15A044016B14FBC531747C717
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEPpCU9fqoqyDenkIGJeIMFM&KRTB&22987-CAESEPpCU9fqoqyDenkIGJeIMFM&KRTB&23025-CAESEPpCU9fqoqyDenkIGJeIMFM
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:050e61d5-9b71-4f00-a1bc-dfd497875439&KRTB&16736-uid:050e61d5-9b71-4f00-a1bc-dfd497875439&KRTB&23019-uid:050e61d5-9b71-4f00-a1bc-dfd497875439&KRTB&23208-uid:050e61d5-9b71-4f00-a1bc-dfd497875439
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3747225568690969523
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-637414288351
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-tzhAVoWfRqRKm_zjxtAwa1x3E0k
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:GI2D34ul1N56eJ5
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1a63fcc3-1a56-4f35-8bf5-da845493f467&KRTB&22918-1a63fcc3-1a56-4f35-8bf5-da845493f467&KRTB&23031-1a63fcc3-1a56-4f35-8bf5-da845493f467
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YdWbcQADT-oI8wAm&KRTB&22978-YdWbcQADT-oI8wAm&KRTB&23194-YdWbcQADT-oI8wAm&KRTB&23209-YdWbcQADT-oI8wAm
.yahoo.com/ Name: A3
Value: d=AQABBHGb1WECEDkNXmeNvJP4aLkr1Ufz-ZwFEgEBAQHs1mHfYQAAAAAA_eMAAA&S=AQAAAv4zggpWd8c4ZupuMRNLsf4
.quantserve.com/ Name: mc
Value: 61d59b71-8ce34-2546d-e114c
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q6946753131882517221&KRTB&22521-Q6946753131882517221
.contextweb.com/ Name: V
Value: 71tFyAgxDfjK
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b83af9536bf88176
.rubiconproject.com/ Name: rsid
Value: 1|Cdq1KlsL5K/eRzGv3MM1DE/cu41hP7athSVRSZb1VQ0brISUOGOPRcSYCqaOieGkTxzCtT3GWjvGeUmnD2WgFA74oVwAuQBYukd6VYKHEQIhzG3GS+IOU6uTSg==
.adgrx.com/ Name: ADGRX_UID
Value: 72db71b4-6e2a-11ec-b017-01e8582d969d
.bidswitch.net/ Name: tuuid
Value: 20a5fbc5-73de-4467-b1a9-6b8c62cfc742
.bidswitch.net/ Name: c
Value: 1641388913
.bidswitch.net/ Name: tuuid_lu
Value: 1641388913
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6285311477415990070&KRTB&23339-6285311477415990070
.ipredictive.com/ Name: cu
Value: 72e5d80a-6e2a-11ec-9c3a-99462fc17f30|1641388913699
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005%22%7D
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.mxptint.net/ Name: mxpim
Value: R1B332_E93857CB_283A4EF6.1.000000000000000061D59B71
.rubiconproject.com/ Name: khaos
Value: KY1KKVGS-1-D52Q
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
.smartadserver.com/ Name: pid
Value: 5306905266731188593
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAFt-E7DqzcAABFrhrnOiw
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-72db71b4-6e2a-11ec-b017-01e8582d969d
.pippio.com/ Name: did
Value: Pjg7zYcirBv5CuXg
.pippio.com/ Name: didts
Value: 1641388913
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-XWPPxVIwnMFGasiVWGaGwl5mnZRGN5rBXzEsAzHu&KRTB&19420-XWPPxVIwnMFGasiVWGaGwl5mnZRGN5rBXzEsAzHu&KRTB&22979-XWPPxVIwnMFGasiVWGaGwl5mnZRGN5rBXzEsAzHu
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8664334389647396867&KRTB&23263-8664334389647396867
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-72e5d80a-6e2a-11ec-9c3a-99462fc17f30&KRTB&23011-72e5d80a-6e2a-11ec-9c3a-99462fc17f30
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B332_E93857CB_283A4EF6&KRTB&23092-R1B332_E93857CB_283A4EF6
.technoratimedia.com/ Name: tads_uid
Value: E91B8524B911458A9A2047520FA1CF90
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220105082153-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFt-E7DqzcAABFrhrnOiw
.postrelease.com/ Name: visitor
Value: c24e3fc4-b6b3-4ed0-88ad-28248dda0577
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFt-E7DqzcAABFrhrnOiw
.pub.network/ Name: _fsuid
Value: bc0ddaba-164b-4caf-bc48-01e2ba1068e9
.investingchannel.com/ Name: ic_uid
Value: 2329f607-659c-40b4-80fc-c7f359b3bdef
www.bleepingcomputer.com/ Name: cto_bidid
Value: nGsDuV82dTdnUGNFTFBsdkg0eHRZQ0Q0YkdIUkx3Zm5ZdXZadk9udDNSNTVCSzhyZXh0d0ZXYnJ3eXZkNDRIZTFpVVQzY3lLUk03MEVkTU5CWjlTSGVjUHk3Zk5jdjhaQU1FJTJCJTJGT3dTSUQlMkZKeGpRayUzRA
www.bleepingcomputer.com/ Name: cto_bundle
Value: fKBY-F9SMnNFNkQxS3I0VGk5ZXp0bzNweGJ5UmFlelo3anl2ZzRnd1U0bnQ0eGFxZzYyaVFDY0xTRUV5Z2s0dVhLd0xQeFIwbSUyQkJmWnlNRGtvVUVybXVkaGVkZ1JXQkpaMnJLNmZ6MzRNc1hkQXpKbEU4MEgyd1BCWTAxOEc0T0w3Y2ZC
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGcYwmOs80YQMR8Rs6AAAAAAA&KRTB&22713-AAAGcYwmOs80YQMR8Rs6AAAAAAA&KRTB&22715-AAAGcYwmOs80YQMR8Rs6AAAAAAA
.mathtag.com/ Name: mt_mop
Value: 9:1641388914
.pippio.com/ Name: pxrc
Value: CPK21o4GEgQIAhAAEgYI3awrEAA=
pool.admedo.com/ Name: tuuid
Value: a9b2050e-aa70-43f1-96df-c187e79e72a6
pool.admedo.com/ Name: c
Value: 1641388914
pool.admedo.com/ Name: tuuid_lu
Value: 1641388914
www.bleepingcomputer.com/ Name: _ntv_uid
Value: c24e3fc4-b6b3-4ed0-88ad-28248dda0577
.amazon-adsystem.com/ Name: ad-id
Value: A0ahxd30REJhunHjYOGUBy8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bleepingcomputer.com/ Name: __qca
Value: P0-1915619956-1641388914399
.krxd.net/ Name: _kuid_
Value: OlV_16xc
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-20a5fbc5-73de-4467-b1a9-6b8c62cfc742
.dotomi.com/ Name: DotomiTest
Value: 2f45e45599bd1224
.3lift.com/ Name: tluid
Value: 12724134863166359534
.lijit.com/ Name: ljt_reader
Value: d090700eca65dcfca356b80d
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYAiACKAIw8rbWjgY4AkACSAIQ8rbWjgYYAQ..
.yieldmo.com/ Name: yieldmo_id
Value: g97548582c762dbe953e%7C1641388914905%7C0%7C
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjIzU7IyNDMxMrW0MDU00VGyMEbjm6DxTVH5lgbI%2FFoAoA0QeQ%3D%3D
.dotomi.com/ Name: DotomiUser
Value: 714006332472084062$3$1354181025$$1
.ads.yieldmo.com/ Name: ptrt
Value: 1a63fcc3-1a56-4f35-8bf5-da845493f467
.ads.yieldmo.com/ Name: ptrstk
Value: tzhAVoWfRqRKm_zjxtAwa1x3E0k
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ads.yieldmo.com/ Name: ptrpp
Value: 71tFyAgxDfjK
.bleepingcomputer.com/ Name: __gads
Value: ID=943cf567a505fdc5:T=1641388912:S=ALNI_MaCXKQFOSyCD473v_7MEMoPIiwbpg
.postrelease.com/ Name: status
Value: 1
.postrelease.com/ Name: ver
Value: 1
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: cba0974d-bc9a-4ae0-aeef-5505943d157a#1641388915113#1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: f2c757f6-80f6-43cb-b909-add5e66ce6ea
.sharethrough.com/ Name: stx_user_id
Value: d920ada3-bb66-4fcf-a6d5-abcfedc74ef8
.pswec.com/ Name: tuuid
Value: 23608d05-c93e-4d54-8fa4-f180999fb4d6
.pswec.com/ Name: c
Value: 1641388915
.pswec.com/ Name: tuuid_lu
Value: 1641388915
.id5-sync.com/ Name: 3pi
Value: 0#1641388915266#48
.id5-sync.com/ Name: callback
Value:
.lijit.com/ Name: _ljtrtb_90
Value: c24e3fc4-b6b3-4ed0-88ad-28248dda0577
.lijit.com/ Name: _ljtrtb_66
Value: 637414288351
.lijit.com/ Name: _ljtrtb_85
Value: AAFt-E7DqzcAABFrhrnOiw
.eyeota.net/ Name: mako_uid
Value: 17e2a673bbd-77b40000010a444d
.eyeota.net/ Name: SERVERID
Value: 17485~DM
.clickagy.com/ Name: cb
Value: YdWbc2m6PAIk021fqRq0gBoa
aorta.clickagy.com/ Name: chs
Value: [{"ch":"185","t":"2022-01-05 13:21:55"}]
.ads.yieldmo.com/ Name: ptrbsw
Value: 20a5fbc5-73de-4467-b1a9-6b8c62cfc742
.lijit.com/ Name: _ljtrtb_84
Value: YdWbc2m6PAIk021fqRq0gBoa
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: nedhp1k5czep3vkbubi24vlc
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwK8YOaDAHAAJ1aHDHU4nTs03Nzom3rxsChhkwO0XX13HUu2ker2FhH0lbMC0
.zemanta.com/ Name: zuid
Value: ZVMZFIx65tcLnTTmmiuI
.lijit.com/ Name: ljtrtb
Value: eJwVysEKAiEQgOF3mXOCjqNO3VxqoVPRJTqqs7tFVLgEQdG7Z9f%2F%2Bz%2FgPazA20CGkNk6AwtY6tYK0mDHQir7bBUNohVzEoWMxCJJuxDay9TekxxzwZvfx%2B1Voxnroeqpe6S%2Fu%2BYx9k%2B1Cev6LjF2%2FXye77vLC74%2FtM4hfw%3D%3D
.lijit.com/ Name: _ljtrtb_83
Value: KY1KKVGS-1-D52Q
.infolinks.com/ Name: cuid
Value: 4075b9d3-bb68-4d1f-974a-2ce0b10f4046
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: e4pacyizxj32aex4agl2pmvp
.ib.mookie1.com/ Name: ibkukiuno
Value: s=cfee88a6-683a-4227-a2b8-3d888e824bd7&h=&v=0&l=-8585602179693372512&op=&hl=0&vlu=0&tcs=1&dcc=-8585602179693372512
.ib.mookie1.com/ Name: ibkukinet
Value: 1551307593=-8585602179693372512
.tremorhub.com/ Name: tvrg_60666
Value: 1,1641388916
.bleepingcomputer.com/ Name: fc
Value: %7B%22MTQ3fjE4MjE%22%3A%221%3A1641388918441%22%7D
.bleepingcomputer.com/ Name: pv
Value: %7B%22d%22%3A%221%3A1641388918441%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In7rD*VN!]tbPl1M>e)ZlrFUfJ+tGXxo]TxNQdE7kXtB$)rG?h_B'<V`#J^NDZfkHA/J*bpRz*qF1`*baH@*UNMv
.infolinks.com/ Name: tv
Value: |MTQ3fjE4MjE~1
.teads.tv/ Name: tt_viewer
Value: df775a6a-7992-4f2f-9d56-18fa2b2a2a34
.pubmatic.com/ Name: SyncRTB3
Value: 1641945600%3A223_38_15_2%7C1643932800%3A224%7C1642204800%3A63%7C1642636800%3A35%7C1641772800%3A216%7C1646524800%3A69%7C1642550400%3A178_239_81_166_5_233_13_240_222_189_104_8_22_204_3_71_48_7_176_56_231_238_165_234_96_54_55_220_21_99_57
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-f2c757f6-80f6-43cb-b909-add5e66ce6ea
.taboola.com/ Name: t_gid
Value: 487b72e9-62a0-4f89-82a4-418d3a136cec-tuct8cf20f7
ads.playground.xyz/ Name: connect.sid
Value: s%3Ag3jfLkeO3KJQnLdPLCXAeTIkxtL7gTgV.GxIzbu6%2F%2FxEvcj7RZoS9denuH1KDlghC9Z%2F36jUnRus
beacon.lynx.cognitivlabs.com/ Name: ss
Value: lKd0E4N7wjfWLpcR6rqwQXyTDsUd%2BgjWGllyRJbIKIr7MvHrvYTIVU3I0xhafvSOxEJO4RSUpgsmrc%2BfYLeg5g%3D%3D
.openx.net/ Name: i
Value: 08cb3d78-532d-4fa4-b97d-6e67bb5f88d4|1641388920
.adingo.jp/ Name: ID
Value: d80d98726c0057bc1c670d031f2b06c5
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23175-00000093F8F2077A
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220105
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.c.appier.net/ Name: _auid
Value: ToEixhi6CXGO6ehfeJvVYQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-ToEixhi6CXGO6ehfeJvVYQ&KRTB&23130-ToEixhi6CXGO6ehfeJvVYQ
.pubmatic.com/ Name: PugT
Value: 1641371271
www.bleepingcomputer.com/ Name: _lr_retry_request
Value: true
www.bleepingcomputer.com/ Name: _lr_env_src_ats
Value: false
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: bad2d675-583e-4f34-8d55-5407c9257c79
.33across.com/ Name: 33x_ps
Value: u%3D117430483258176%3As1%3D1641388920720%3Ats%3D1641388920720
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 141cbafa128e060bfa6de235c823e0aa
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDQxTE5KTEs0NLJINTAzSEpLNEtJNTI2TbYwMk41SExkAILEq7MrQDQUAABrMAuc"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIvDq7AkhBAQAcnQJK"
.media.net/ Name: visitor-id
Value: 2843905200759387000V10
.bleepingcomputer.com/ Name: panoramaId_expiry
Value: 1641993720719
.bleepingcomputer.com/ Name: _cc_id
Value: 141cbafa128e060bfa6de235c823e0aa
.bleepingcomputer.com/ Name: panoramaId
Value: 1213d449eb6c58388615d78047cf16d539382b4a4b7e0ab12d757418fd104a7a
.tapad.com/ Name: TapAd_TS
Value: 1641388920861
.tapad.com/ Name: TapAd_DID
Value: d7b7191d-d622-41e5-95b6-2af052de3db6
.tynt.com/ Name: uid
Value: ZpeVh2HVm3gLYyGwOwsiog==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1641388920935%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1641388920935%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1641388920935%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1641388920935%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1641388920935%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1641388920935%7D%5D
www.bleepingcomputer.com/ Name: cookie
Value: %7B%7D
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 194C314AAD956A1A3F612069AC826B5C
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2483:u=1:x=1:i=1641388921:t=1641475321:v=2:sig=AQEj-QlFLMA_tA6igdCVsjJN4G-zb2PI"
.linkedin.com/ Name: li_sugr
Value: f1294d9e-5a48-4d54-8a2a-7aeccc817f64
.linkedin.com/ Name: bcookie
Value: "v=2&fd6a44d2-17e4-434a-86e3-528b4a3e1f42"
.w55c.net/ Name: matchmedianet
Value: 5
.criteo.com/ Name: uid
Value: 1b3997a5-1350-4274-9e08-6401d6d1d77f
.rlcdn.com/ Name: rlas3
Value: qvJwv/yKI5hU6BfAmrBWZ1qk1H125eR+1Kk7lvhBh1I=
.mookie1.com/ Name: id
Value: 10595844026041181471
.mookie1.com/ Name: mdata
Value: 1|10595844026041181471|1641388921255
.mookie1.com/ Name: ov
Value: 5679ac7994fb1004264a2c4b003d62dd
.fg8dgt.com/ Name: tuuid
Value: 28139247-0eff-4704-8ee0-cb3e5e3591f0
.fg8dgt.com/ Name: c
Value: 1641388921
.fg8dgt.com/ Name: tuuid_lu
Value: 1641388921
.mfadsrvr.com/ Name: c
Value: 1641388921
.mfadsrvr.com/ Name: tuuid_lu
Value: 1641388921
.mfadsrvr.com/ Name: tuuid
Value: 26f02966-ffaf-4b08-8d02-568e71150140
.media.net/ Name: data-xu
Value: GI2D34ul1N56eJ5~~8
.media.net/ Name: data-c
Value: 1b3997a5-1350-4274-9e08-6401d6d1d77f~~1
.media.net/ Name: data-c-ts
Value: 1641388921
.media.net/ Name: data-g
Value: CAESEO7uJL7ufU3ctXkagfSuLMY~~8
.media.net/ Name: data-ttd
Value: 1a63fcc3-1a56-4f35-8bf5-da845493f467~~1
.media.net/ Name: data-co
Value: AQEI6an492HHXwJRtiigAQEBAQE~~8
.media.net/ Name: data-mm
Value: 050e61d5-9b71-4f00-a1bc-dfd497875439~~8
.media.net/ Name: data-amb
Value: 3747225568690969523~~8
.pubmatic.com/ Name: SPugT
Value: 1641388921
.admixer.net/ Name: am-uid
Value: e5134c6aa1984914bc5ed8c0b8f61662
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjS3MDE3NzEwNjU3NDEzNTEzFuIz1PULMzWMLE8xD83OcwcAI6LRwSQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjS3MDE3NzEwNjU3NDEzNTEzFuIz1PULMzWMLE8xD83Oc5fiNTQzMTS2sLA0MjQxNAEAOXwbWjMAAAA
.mfadsrvr.com/ Name: ssh
Value: !medianet,1641388921
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~22hp:192v~22hp:191l~22hp:175w~22hp"
.creativecdn.com/ Name: u
Value: KQKdcIfLbyHtykh5fBEH
.creativecdn.com/ Name: ts
Value: 1641388921
.media.net/ Name: data-rk
Value: 979321822310490180~~8
ads.avct.cloud/ Name: uuid
Value: 66152e53-073d-4957-a80b-bcc1df3acdd5
.adsymptotic.com/ Name: U
Value: c744e516cb6009e7802e472b267fa58f
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.media.net/ Name: data-mf
Value: 26f02966-ffaf-4b08-8d02-568e71150140~~1
.server.cpmstar.com/ Name: USER_ID
Value: %fdmc%c4%05%e8%cd%3d%98%ae%7cN%af%08%95
.media.net/ Name: data-ze
Value: ZVMZFIx65tcLnTTmmiuI~~8
.media.net/ Name: data-bs
Value: 20a5fbc5-73de-4467-b1a9-6b8c62cfc742~~1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|BUOMcvf/iR1nsyoqZcqQs12O6YhEXllKEcO8u1UsrvBhyu/tT7LleMhjvTy9AmolOdYXE9FO7jciZ07GJqnMno4BjqNRGrmz
.brand-display.com/ Name: _knxq_
Value: fdcd86aa-bad5-8b7a-7bff0e50.1641388921.0.1641388921.1641388921
.casalemedia.com/ Name: CMRUM3
Value: 4161d59b7305a0AQEI6an492HHXwJRtiigAQEBAQE&0461d59b7905a0&8261d59b78a8c0&6f61d59b7805a0&4961d59b7905a0&0361d59b7905a0&c461d59b7805a0&4061d59b7905a0&0861d59b7205a0&5861d59b7805a0&2761d59b720b40&e661d59b722760&8361d59b7205a0&f161d59b7205a0&ce61d59b7805a0&9c61d59b7905a0&2e61d59b7927606285311477415990070&5161d59b7805a0&5a61d59b7905a0&2d61d59b762760CAESEBUrqvm8qUwHiiNAg9qrWh8&bf61d59b792760fdcd86aa-bad5-8b7a-7bff0e50
c.deployads.com/ Name: d7s_dc
Value: 44ADMXbbad2d675-583e-4f34-8d55-5407c9257c79f4XNDRK6285311477415990070f4bswtb20a5fbc5-73de-4467-b1a9-6b8c62cfc742f4centBno-consentf
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FDQXJJR0d6SXpTRkpHVG5kYWMwYzBTR2xFVFdkTVZrWkVNMHRNUVZKMmVyb0dEd2lSVGhJS2JtOHRZMjl1YzJWdWRMb0dLUWlaVGhJa01qQmhOV1ppWXpVdE56TmtaUzAwTkRZM0xXSXhZVGt0Tm1JNFl6WXlZMlpqTnpReXVnWVZDS0JPRWhCWlpGZGlZMUZCUkZRdGIwazRkMEZ0dWdZRENLcE91Z1laQ0t0T0VoUkxVVXRrWTBsbVRHSjVTSFI1YTJnMVprSkZTTG9HQXdpdVRyb0dBd2l3VHJvR01RakpUaElzZVMxSFJUbHllbFZ3UlRKMVJYUnVhME51ZUhwVlMyNHdkVzF6YUdWRFZVd3hjV0V4WmpSNGVIY3Rma0c2QmlrSXkwNFNKR1E1TWpCaFpHRXpMV0ppTmpZdE5HWmpaaTFoTm1RMUxXRmlZMlpsWkdNM05HVm1PQT09IiwiaWF0IjoxNjQxMzg4OTIxfQ.uYZ51Sz9TTF2j94NB4xOc_o3-fe7C4l0pfJMb3iKIlckjZOsAqAe5V2gNML-htZwSVmDRZLwmBmZ2awq0Fn2Yw
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvExGtoZmJobGFhaWRkZGHWJIjgG5oYmgAARWNb8yAAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1bfk|7TZ.0.1|7dN.0.AAFt-E7DqzcAABFrhrnOiw|7Nq.0.1
.tremorhub.com/ Name: tv_UITM
Value: YdWbcQADT-oI8wAm
.tremorhub.com/ Name: tv_UIRF
Value: 978477403571465463
.tremorhub.com/ Name: tv_UITN
Value: 1~3747225568690969523
.tremorhub.com/ Name: tv_UITD
Value: 1a63fcc3-1a56-4f35-8bf5-da845493f467
.tremorhub.com/ Name: tv_UISF
Value: 1D5525D15A044016B14FBC531747C717
.tremorhub.com/ Name: tv_UIAF
Value: 8664334389647396867
.tremorhub.com/ Name: tv_UIPP
Value: 71tFyAgxDfjK
.tribalfusion.com/ Name: ANON_ID
Value: aPnwQRwZcF1eoXarpfsg54U1bIkZa6Za5KJgn3siTcWxCZbE3w1r34ICrge0YwB0VxKccecHXw9dhybEJjwYKJtLdKN7dUOQaVESZdXML1Occeg6TUMp4n1vrr7ceUCej
.tremorhub.com/ Name: tv_UIAN
Value: 6285311477415990070
.tremorhub.com/ Name: tv_UIDT
Value: AQEI6an492HHXwJRtiigAQEBAQE
.tremorhub.com/ Name: tv_UIBL
Value: y-obDuyNdE2oQMLeLk2WJBjGlza8tlvekNhxU0~A
.videohub.tv/ Name: uid
Value: CI-47eb05a751e38fb3eb1affeff87f64ee
.videohub.tv/ Name: UITR
Value: db205cfb03c046878407cd33e7e645dd
.tremorhub.com/ Name: tv_UIDF
Value: CAESEHkyzJ9zFxrNr1kYOAFVjOI
.tremorhub.com/ Name: tvssa
Value: 1641388922370
.tremorhub.com/ Name: tv_UIEX
Value: 18072662315408922977
.tremorhub.com/ Name: tv_UIMM
Value: [mm_uuid]
.sundaysky.com/ Name: sskyu
Value: d6.4f465466129a4da8a25924fdcf457aa9
.sundaysky.com/ Name: sskyCreationTime
Value: 1641388922397
.tremorhub.com/ Name: tv_UITR
Value: [user_id]
.w55c.net/ Name: matchtremor
Value: 5
.tidaltv.com/ Name: tidal_ttid
Value: dd9b43af-f1ad-488c-8608-f9da8c742205
.tremorhub.com/ Name: tv_UIBW
Value: AAFt-E7DqzcAABFrhrnOiw
.sundaysky.com/ Name: sskya
Value: "e3RyOnt0czoiMzR6cDRxIix0OiJuaSJ9fQ=="
.casalemedia.com/ Name: CMST
Value: YdWbcWHVm3oA
.adgrx.com/ Name: ADGRX_CM_TREMOR_BRIDGED
Value: 1
.tremorhub.com/ Name: tv_UIDX
Value: GI2D34ul1N56eJ5
.tremorhub.com/ Name: tv_UIBU
Value: W021641388922S17673G9319
.tremorhub.com/ Name: tv_UISS
Value: d6.4f465466129a4da8a25924fdcf457aa9
.tremorhub.com/ Name: tv_UIIE
Value: YdWbcBgovym-M.HPZmH3eQAA&946
.tremorhub.com/ Name: tv_UIAG
Value: 72db71b4-6e2a-11ec-b017-01e8582d969d
.tremorhub.com/ Name: tv_UIVO
Value: dd9b43af-f1ad-488c-8608-f9da8c742205
.tremorhub.com/ Name: tv_UIAI
Value: MfRdyeb4M
.blismedia.com/ Name: b
Value: 61D59B7A8607CC6CD10D7DE8BLIS
.tidaltv.com/ Name: sync-his
Value: H4sIAAAAAAAAADM0srSwsDI0ttA1NDUFAOqWthoNAAAA
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiyjP_xi5aoOhAFEhYKB3J1Ymljb24SCwievMj7i5aoOhAFEhUKBmNhc2FsZRILCMbWg4OMlqg6EAUSEwoEa3J1eBILCPSuuIeMlqg6EAUSGwoMc2hhcmV0aHJvdWdoEgsIqrHEiYyWqDoQBRIWCgdzdng5dDUwEgsIuMigu4yWqDoQBRIUCgV0YXBhZBILCOzNtLyMlqg6EAUYASABKAIyCwjih_P3opaoOhAFOAFaB3J3dXE5bnlgAg..
.tremorhub.com/ Name: tv_UIQC
Value: EI4Ekx_dV5cLhwPDFYtNlBOLVsIL2lGXEtzve1tT
.bfmio.com/ Name: __106_cid
Value: 1a63fcc3-1a56-4f35-8bf5-da845493f467
.bfmio.com/ Name: __io_cid
Value: 1a63fcc3-1a56-4f35-8bf5-da845493f467
.adhaven.com/ Name: uid
Value: 4c_e5406964-a297-4d08-8e2c-c994aab88b46
.tremorhub.com/ Name: tv_UIAL
Value: 72e5d80a-6e2a-11ec-9c3a-99462fc17f30
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBPwpMcxaUmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT8KTHMWlI90aGlyZFBhcnR5VXNlcklkIfuBMjf6QiS2QyUBPwpMc1OQRCUBPwpMc1OQRVdkMDkwNzAwZWNhNjVkY2ZjYTM1NmI4MGT7gjEwMfpCJAOKQyUBPwpMdQSkRCUBPwpMdQSkRWMyMGE1ZmJjNS03M2RlLTQ0NjctYjFhOS02YjhjNjJjZmM3NDL7gjMxNPpCJAm0QyUBPwpMdTiWRCUBPwpMdTiWRV9kYjIwNWNmYjAzYzA0Njg3ODQwN2NkMzNlN2U2NDVkZPv7hnZlcnNpb27C+w=="
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005%22%2C%22nxtrdr%22%3Afalse%7D
.tremorhub.com/ Name: tv_UI4N
Value: 4c_e5406964-a297-4d08-8e2c-c994aab88b46
.tremorhub.com/ Name: tv_UIAA
Value: 637414288351
.tremorhub.com/ Name: tv_UIEM
Value: 6285311477415990070
.tremorhub.com/ Name: tv_UIAD
Value:
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1641410522733
.adsby.bidtheatre.com/ Name: __kuid
Value: 80c83626-daad-40d9-b18c-a4b2cb54ed73.410602922
.tremorhub.com/ Name: tv_UIBT
Value: 80c83626-daad-40d9-b18c-a4b2cb54ed73
.tremorhub.com/ Name: tv_UIRO
Value: RX-7dee9e15-f789-480d-b5b7-0485aa3d433e-005
.tremorhub.com/ Name: tv_UIZM
Value: 7e6e6167-37c2-40ae-a7d9-d64edf2b6875
.dpm.demdex.net/ Name: dpm
Value: 63183386162186996963347869300889518159
.demdex.net/ Name: demdex
Value: 63183386162186996963347869300889518159
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!133-2!133-3!133
.tremorhub.com/ Name: tv_UITA
Value: d7b7191d-d622-41e5-95b6-2af052de3db6
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1641388924|vM
.tremorhub.com/ Name: tvv
Value: 2
.videohub.tv/ Name: UIXX_UPDT
Value: "UITR=1641388925452"
.tremorhub.com/ Name: tv_UIBM
Value: 61D59B7A8607CC6CD10D7DE8BLIS
.quantserve.com/ Name: d
Value: EBYBIQGQJYEO-TC_vLEL7iDomtEA
.tremorhub.com/ Name: tv_UIBS
Value: 20a5fbc5-73de-4467-b1a9-6b8c62cfc742
.bfmio.com/ Name: __103_cid
Value: 20a5fbc5-73de-4467-b1a9-6b8c62cfc742
.bfmio.com/ Name: __103_exp
Value: 1
.bfmio.com/ Name: __bfio_sync
Value: 325CE042796F01FE8C2D7BAD2E3BF5BB
ads.stickyadstv.com/ Name: UID
Value: 32e4fcab9d16013cbc0706eb7ed35d

19 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6285311477415990070&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://id5-sync.com/i/882/8.gif?id5id=ID5*JoOgUENp5ngWNBLjLMcnBsiHtSQF7Yq0Zr58-u5Y8LMD4ji-vYrk5IlE4_ycWTvMA-NdKuCmzfcCiMkc3DcVxwPk-Q9N7XjyaA0nQ2nXX2QD5bRc1_2ph3JwYTnbSpjwA-Zg0WMzqvkzcFT0ZTYZCgPnOqg5z8z2gcdbuelPUiYD6DU7qn-qiFy8VCJoKZSgA-nBSzAE8lAoZ4vEjbDv7APqnhwLDvzUihdHNaU9CLED67QEY3YLOS6XiThf8c4GA-ydpQcx3MMmm2D53IE1GgPtlE_4ZrCWuXNp2-AzRfAD7tESVkF7pfit7KFWPWnlA-94DT0lhMp_syEfY3SVwgPwgWjVTqrWwRYuYKUuZGwD8QvbOa_p8URnJoZEsEpDA_JLpmBmwutai8J0S2vldgPzZVYHbTRc3cZoXFsESsAD9PiQWt5Vu4nbpbMfVlGnA_WTCGezumV2aqfArJR7fwP2eHeTh_ato9J-nHt-VycD94gCzmD_cyia_rSGFyl_A_i5Vv5f2Bnnes0RQnLc3w&o=api&gdpr_consent=undefined&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://router.infolinks.com/usync/lcmanage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F
Message:
Failed to load resource: the server responded with a status of 500 ()
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-0920899300397823&fa=1&ifi=4&uci=a!4&btvi=2
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=MfRdyeb4M&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=o4LdyAb4p&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdWbcBgovym_M-HPZmH3eQAAA7IAAAIB&google_gid=CAESEDaBvCZAXKuDpDagBfqBZ0I&google_push=AYg5qPLnAYmatniNG8xD-Sjj2jPXsewRRmTpVTiB415mYYJakjAhvJt2wGb2uNgrrXmqrbTMdoXtLkDuz8XRUP3lZ0awi3OQQg&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPIjhphxminorFoB5g1K40S18Ic2GNR-3jxjrFp8fVKNE-V4J50BeqsqeyASoz4a44cEySZCucx09IurtM1JdXtwytuhilc&google_hm=d80d98726c0057bc1c670d031f2b06c5
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: about:blank
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjcwOGQxZWItMzNkZC0yZWY3LWY2NGItZmMzNjE1OWE3NTQ5&gdpr=0&gdpr_consent=undefined' (redirected from 'https://connatix-d.openx.net/v/1.0/av?auid=539961198&schain=1.0,1!connatix.com,102734,1,,,,&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsynology-warns-of-malware-infecting-nas-devices-with-ransomware%2F&cb=e21167e6-069a-4997-bfec-bd416e7108a9&vwd=834&vht=469&gdpr=0&gdpr_consent=undefined&us_privacy=') from origin 'https://www.bleepingcomputer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjcwOGQxZWItMzNkZC0yZWY3LWY2NGItZmMzNjE1OWE3NTQ5&gdpr=0&gdpr_consent=undefined
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 560)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
386ecb7036adaab83677f91a2102be26.safeframe.googlesyndication.com
a.pub.network
a.tribalfusion.com
acdn.adnxs.com
acds.prod.vidible.tv
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads-ec.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.co.uk
adservice.google.com
aktrack.pubmatic.com
amazon-tam-match.dotomi.com
amobee-partners.tremorhub.com
aorta.clickagy.com
ap.lijit.com
api-public.addthis.com
api.btloader.com
api.floors.dev
api.rlcdn.com
b1sync.zemanta.com
bc-ssb-cle.springserve.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
biddr.brealtime.com
brightroll-partners.tremorhub.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.deployads.com
c.pub.network
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.districtm.io
cdn.doubleverify.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.krxd.net
cds.connatix.com
ce.lijit.com
ck.connatix.com
cks.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms-xch.33across.com
cms.quantserve.com
code.createjs.com
connatix-d.openx.net
connatix-supply-partners.tremorhub.com
consumer.krxd.net
contextual.media.net
cookie.brealtime.com
core.iprom.net
cs.lkqd.net
cs.media.net
csync.loopme.me
d.pub.network
de.tynt.com
dggaenaawxe8z.cloudfront.net
direct.ad.cpe.dotomi.com
dis.criteo.com
districtm-match.dotomi.com
dmp.brand-display.com
dmx.districtm.io
dmx.us-east-31.districtm.io
dmx.us-east-32.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.videohub.tv
e.dlx.addthis.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
global.ib-ibi.com
gocm.c.appier.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
ib.mookie1.com
id.crwdcntrl.net
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.connatix.com
inv-nets.admixer.net
jadserve.postrelease.com
js-sec.indexww.com
m.addthis.com
m.fg8dgt.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
medianet-match.dotomi.com
mug.criteo.com
mweb.ck.inmobi.com
nep.advangelists.com
odr.mookie1.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pghub.io
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
protect-us.mimecast.com
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
resources.infolinks.com
retargeting.bksn.se
router.infolinks.com
rt3002.infolinks.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
slckg-2p3vy.ads.tremorhub.com
slckg-kqe2e.ads.tremorhub.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.extend.tv
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
t.pswec.com
t.sidekickopen07.com
tagan.adlightning.com
telaria.adhaven.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-nyc.doubleverify.com
tr.blismedia.com
trc.taboola.com
tremor-match.dotomi.com
trk.vidible.tv
u.openx.net
uat5-a.investingchannel.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
usermatch.krxd.net
v1.addthisedge.com
vid-io-cle.springserve.com
vid.connatix.com
vid.springserve.com
vop.sundaysky.com
vpaid.springserve.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.reddit.com
x.bidswitch.net
x.mdhv.io
z.moatads.com
btlr.sharethrough.com
cm.g.doubleclick.net
s7.addthis.com
trk.vidible.tv
104.16.190.66
104.17.119.107
104.17.120.107
104.18.102.194
104.20.59.209
104.26.12.6
104.36.115.109
104.36.115.113
104.36.115.114
104.36.115.98
104.45.178.220
107.178.246.49
107.178.254.65
107.21.202.31
13.225.205.105
13.225.214.111
13.225.214.24
13.225.63.8
130.211.23.194
139.162.78.222
141.226.224.48
142.250.65.162
142.250.65.226
142.250.65.230
142.250.80.66
142.250.80.98
142.251.41.2
146.20.132.105
147.75.61.140
151.101.129.140
151.101.130.137
151.101.130.49
151.101.193.108
151.101.194.137
151.101.2.133
151.101.65.44
151.101.66.133
159.65.196.12
172.66.41.9
172.66.42.247
18.204.86.180
18.209.200.15
18.209.253.24
18.213.33.211
18.216.166.79
18.218.141.222
18.234.22.74
18.235.169.84
184.50.205.90
185.167.164.49
185.184.10.30
192.132.33.46
192.35.249.120
193.122.128.135
195.5.165.20
198.148.27.139
198.24.170.53
199.127.204.142
199.127.207.184
199.187.193.166
199.38.167.128
20.72.149.136
2001:4860:4802:34::15
2001:4998:14:800::1001
204.154.110.75
204.2.255.233
204.62.13.72
205.139.111.117
207.198.113.176
209.54.176.128
213.19.162.80
23.195.109.72
23.20.59.139
23.208.216.126
23.219.95.182
23.39.175.77
23.41.168.202
23.52.161.180
23.52.162.163
23.52.162.190
23.52.162.21
23.52.163.40
23.52.167.93
23.73.244.44
23.73.249.203
23.88.75.188
23.92.190.74
2600:1400:d:598::4469
2600:141b:13::17d7:8222
2600:1901:0:8eee::
2600:1f18:1c96:4103:4770:1339:6dc2:c345
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185
2600:1f18:612b:4216:e715:23fc:28e9:ce6e
2600:1f18:612b:4232:e16:c052:477e:6871
2600:1f18:612b:4264:5d9:11f2:8a3:eea6
2600:9000:210b:6a00:15:6f6c:b180:93a1
2600:9000:21dd:3800:6:44e3:f8c0:93a1
2602:803:c002:200::41
2606:4700:20::681a:18b
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:3039::6815:c076
2606:4700::6810:5e41
2606:4700::6812:260
2606:4700::6812:c05
2606:ae80:1451:17::1460
2606:ae80:1451:21::410
2607:f8b0:4006:806::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:809::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2001
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::2006
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:44af:4f54:8af4:5563
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42::300
3.140.161.36
3.20.211.8
3.213.98.115
3.218.90.66
3.221.253.192
3.230.217.116
3.233.22.19
3.65.17.160
34.102.163.6
34.102.253.54
34.107.148.139
34.117.228.201
34.117.239.71
34.120.155.137
34.149.20.76
34.193.183.147
34.198.26.56
34.205.3.24
34.217.165.61
34.231.139.54
34.233.75.183
34.235.17.126
34.239.68.79
34.75.117.5
34.75.235.219
34.96.105.8
34.98.64.218
35.173.146.224
35.173.82.50
35.174.252.253
35.174.6.234
35.190.118.189
35.190.60.146
35.190.90.30
35.201.71.192
35.207.24.140
35.210.53.219
35.211.141.197
35.211.165.199
35.211.178.172
35.227.238.208
35.227.252.103
35.241.45.217
35.244.159.8
38.100.136.209
38.27.122.158
38.91.45.7
44.196.174.17
44.239.145.70
45.35.192.162
46.105.202.126
51.161.118.168
51.89.20.86
52.0.188.249
52.116.221.248
52.203.60.58
52.223.22.214
52.223.40.198
52.5.154.197
52.73.153.177
52.86.150.190
52.86.210.192
52.87.48.29
54.192.160.42
54.208.114.40
54.209.75.74
54.213.43.45
54.230.162.7
54.236.195.76
63.251.114.136
63.251.28.218
64.58.232.177
64.58.232.179
64.74.236.223
67.202.105.23
67.202.105.31
68.67.179.164
68.67.179.91
69.90.254.78
72.251.232.228
74.119.119.139
74.119.119.150
74.121.140.14
8.28.7.82
8.28.7.83
8.28.7.84
8.39.36.142
8.43.72.98
005127d9b56e42629d58cb02a416252aae2de5b52166d879855b38bec05a7f43
01422988e80c648184ee30a4b56757b9ca586b99ac8e4014bff80066c7f6e4c9
017ed52b710e79777e00b532b51b4967657b8bef7a7ccad66045dd4253470a62
01b9db5a9550725b5c2d4203e490ad3bb33cbda463626764e58725a188f3d30b
0224741f7f1a6f09286718e00adc447e81f240441608372f0e061cbb820e2216
034ae1829661bf4346b82a47b13edab78261609b952e240d174937a432d726d9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0515e210250b4b8612a48d41591265c31a194b2441b462f7fe293da28a2776f4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05689b44de95e9e630f786e99c1f9cd704143e7dfb9352d3d84c31336577033b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ecc1573d3bd555fe29b67a1f5f9a4f560413c5d3a979eb7ad1960866ddbad8
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
0ac5d54801ae5c831df34e94dd9eb2a781ba82afe6f5e22f23f6a24f1012494e
0b03c4e89b248daeb0c2ed482fb6c31e6c2863e9dc0eb650b65a38b7367e9513
0b37f3d8aa5e1f298bf71477c945f576745020ce44f048ec67e19a93cd285372
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdce68d55ff0acea805c6354fafdddf6cafc1b111a9ece1f891acf3e5a5dc6d
0cefe1841b30d81689a0a39b3f98c77e36763607acd5349a93f06e64d002fbda
0db7b303f166ccaef7eb0f22146ae6502dd1d892561edf237dac64ac9e77f4dd
0e6ce74217578d8e40ae55c318807559c4e9fec8b55abfe41b2b43cbc3054d58
0e978b16b20e010d322bace3a6931c000607a4a3689f6d48dce3abd5155ff57f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f041c018d27c3512844e9cdb19f40cb262e13ac1cd587e3a53dac6ca7b696bd
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0fbae20eb8bce8f39c62514b485b8ac2a3aca61a69111823f2fd88f2acb756e9
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137306918ab40fc8abdd5ee79b370c38f773567fcb3d0b194ca2680d4e66723c
14e59766e4d658c4e2cd87ac241c65a2c0d7b259e72ef85793bcb7e1d8d7ded7
1737ee2ce08a5738bb5c3ab4c5004ada6a75d5d99588f20ad887e64a60adcb79
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18df6526c391bb80ae6ff08485cd6178fd37c5857d9524a03758a63992d23ef7
19735679a60e0e3790f69284caeac1f00c80ca8ad3a29d42ab53e0eba50e18b2
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b082e323b5ab16f8b26f524909720ac2e8e150e8b37e22dcec5ff06155c8469
1b40bb42789b0b2148d44347c2f585a4cafde845e5867297c985f2b6b0ca5269
1b93029a1c36ea707d4eea296eb717f17d845593a60a701b5382d31a1a0b0c44
1bd07359438a34a6db7cff6fd74c31f9c84076f56d28219d033502ba85b3bbc6
1bfc2c2ee9af9b35c72c475c8c25d1004f5b43e34b2da6bfd4d99798afe12c9d
1c6db71096e2bcb1918adbf9919913e60252156d48f20b03078a8e5b4409f49b
1df30087a6176d0bc5da931e2da135a26ace26117d72b24c5e354f978f6f34ca
1ed431fc0e25f957818879c767174563e10db3a70016c493655f202350b924da
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b
208b7aabe6e7364400912be1f1d5605f303c7b8e133e8799e5c218f3059dcae8
20d7480c779d56a8e3f23e7e1e79c260ff626d1f200a4e48380174498d9f77a5
211a946bc5687eb9ca1d7f3888ab17354c00ec3504855408ca08b28592e4ebce
216ebb79c108ef2e3b4e366b7f7f24d6526ae7e72b7230bfb236ca5a844a3c60
224b7961c43e25f6d5508be4a91d5639cdfb8054c460e4b93d3713aa18dbdf04
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
238b8e686268cf873e4200fb29f41a2edc327ed23272294b4e7082960743a855
238f627754941864d33227ba1d2ddcdc2cb9a0021d6431025ad3631228dfffc3
252e95ca81539eaf33d8fa58af22be658917a22a57b469852db37937dc529ebd
2557af8237c956ac1d3cf5bea11a43285c63676b4ab846c4d693be89d0580fbd
25ef3aec431c864ade6adfd215691bdf0a9feee7e2707342833660d7b8784f4e
2746b817d20ad9ff1f30ce7fbdbc997444cbdac8b6d915a26c4420722c13fb2d
27bdc62c0910fb8b0c1773f2d61be6b2f7f38c257e905b346e64bf1c6166a3af
28f082e50a6e97d7107626f1b1760b849dbe97c9e07260fa35c90d4f87cca026
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2950e438bf51151ffedb7db588ff4bb77855a48daf2793c204fb8c89f1a3ae68
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0eddbc204aa7e7609e5fb7a4ef51ec6862254fa0049969609381ca4b4ff1ca
2b37a02e98c3615c3042af99b2c87b8fce301d25e2de27aeb0d610dadc277b05
2bd6384368e53e55ae1da857f2b387fcd27d2ae16a2d2986ff3fd8693a272e2b
2c195f2d699da962360691c21897f7cae0d07b516a19646287e2e1833452c011
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cf84d940bf607324a6ed47e00c244a28a943e7a15c059ce762080fba1b73596
2d41cb030de1d7a2477a3e547bb40d6c494c5ec421952469d41f3c2937052ad4
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2ebf216a70363b96d385c7315e3b7df8f0b069a8fafbb359ac0b840eceb14c4c
2f26d38308c9438a148fb824c0f7ee39568eeb997f85d6148bb34453760583fd
2f32f3641806a677b11acb4a92048d9d8f61b7c3047ca66fefc589440d06fd89
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8d806dc6b90488d987a8d48b97f94403ea30ba173eb8c573678b765c11076d
2fee252de930dd5412cacb6b6c8f24694ddf06b3ee325e0be67cd351acb2f4c5
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
3265548bdb602ddc84a3279b973a9bcadb237796e59aeb87177ae1ae084e0dba
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
34693650fa1c075ee49d1d196c375dc30a453567a343dc08ee75b67ec7ebaa75
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3
359ae4e2c4018170f1ade1113041fed541dd72c7dd5e4feaa765fd6490fa3109
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a7bb0524ef237d4f15edda3dadbef361f0fa800e46fb88c35bea2cedf5a9d7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
385cd14e648529eee30cb97504ef5052e7f5940cd639b9d2b9e63307ceacd0b4
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3cc00c690f71707c422f24d03f41226b6e0ec19a060684028391d61961b0b8db
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e6aee43ce232f5c967d532d699c8dd2366873b4a61a6d6cbebb3606174a4a61
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4987d63b8bbfd1e7bd400c584df398776dea01754238286f36d2148b9bf114
3f6a52d7dee73eec2cbbbebfba709ff882732bcf58cb5e01575ceb2499713adf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fef19e536824cf94f0a91aa3c591c5cce3a2324b0cb39b2a848ec4ea8ff642c
415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
429b804106a65545f65a57732906d18a9323bb26ab144ab388d5a52ac04bd7a5
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4422923c1bdaa40600526024e5255d4659d5d2afd3ceb76bb39883848f4b51ff
446c42a6e68e04783baced6f8ba9c0bfdbb839f376675ac692ae411f774c61bd
447801b0959c68d0e7a289a4cfa5ff65fc776be35cb292a43ce170ab08fdf10d
4499ebd756f5df85b0e94527e7855ff09b2f8f4026026d64ce831655dd5cc318
44bef6588cb70325f61b7dbdf85b3a70d362171f219077705a08789e1539de9d
44c3513847c2e241bf6b089c52479b77c6b1b8720bac030c99593733b8639762
44c372895d511547386c9f8643ae003cf0a9e4c9195bd94e7840519063d870b9
45547034579c50c88ba2361cd868c4a2dfc1e185a04fe6aabb88994809b1b526
457bc9445a28af60d4762b1f45ec8588f1953e050b60642385392c5e05d2b8a9
45affe414a0fe5bb74ec292f80299627757f7de9ffe35d1c2aa42fb14ab18689
4788aa41e5c2baf4838e97c2be52a34ff91e535da3d352847ae0d3c1ec9cdcb3
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4901b094a91ea6d5aba73774bb9803fdca22599cfca597ef81249225b5ed01b4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
499661a3d6856aa2c768157773db797c3a19fdeb849d8f3c17900017dc3810c9
4a268d494ea424903f16a6ff64c9e0ddc35ddb97eb8275f8b948810eb4e9dc96
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6ac5199973b70b918419307834cb45920715afea7fc0a1f554a056b64cc989
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2bd1d22b043baa6944735a0ea65d01d356a2527f8fa655f0b0b4d89d854928
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
501ac7ead0cb00ad4bffc4a7ca026646d52573573e8d9b048f1ae8ef4917e487
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c90149928ce4bdd9ad3f9772dde8230beac526f594525d3ccccce3dc765dc7
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af
51c5d863c77cea2a3a7400de4b79e05d8ec402ea27afaf3e297a202d9e17a73d
51d0433ffd73aa6f3e3b48ff1b908b8343798b44a401eeffb35f2685327b77be
51f95e632f7eacb16867bfd50ae647a58f9a995faf6796e3f8ac459f9d308bef
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
546455ba4a8a9b9d964093af8aafc7db58e88b8c1d16a227097e581bb9ae8835
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a5777ef475788a604516e4a827f3d9564753a931f919b24219264ed8e25a5c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5706dedad17a5f82cf7dd81230bc64e3ae762f4d1ef72a138d40ea9201897c4a
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
59d778bb5ab851fd1535230b89f064235606fb4ef01bc51a348d1db999ef3be1
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5ac32db1e4908c5d8e0f1449fe9c0154f8501fa1ce0cec75327fca64d1ac171b
5bdbcecd4db015b55f400ba7f10242be2a1b31be3768fab67eb3a42836243ee7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
5e619664fa0975bea59b4b84ffe319b3e7152de3cfb3fabc29a1882ed5df03d5
5e7fcc26391c6ab9fcf0046be1361f97048c35f6f17bcfea7b2deaa4702bfdf8
5f2ad9c616363f8d76278c5bc9591ff5bcf5c79f72233581873863af1cd11d31
5f34936804ef87d38cb3da7083afff8da1790ce4c4835fb14ce19faf2a902d54
5f9181b1ccb588657e94bde83bbaba1c53fcf04fd83894abcd7d9768a4f84008
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60c7d97854bbcb0fc0fe30b925b982094a88e305bafa954e2afac152634b96ba
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
617242459354e45035adae7f1ca37ab2518e3afc439cd74dd9e3d3d5d66cf8e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6222140896142b59b5f2b19a202ad0dd10a2226d571a589f1b0c6800a790b448
623f2215b04f4c48ecb7599af6c7966a6f390300bc1a09708a4beb62ca8d4115
62400d3b173a8a5377fc1b7680e537bb683bc683bd00cfeaee4188b8be8c5793
62d5ad83a4e33983a920bf6654fcc57fc3fef27407a914148d97068e7ddd9fcf
633a54ca5234c3c99e76501033ad4b7cb9f3f53db5d477030c01c3de0a24e31a
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
63caaadeba0072cf03950aeefa88ed4d22a46300ddc4f6f9e601ced7988e2341
63cb35133865eac473826f95c6a9d64ff1fa3da71403ea4f1981e5de9bcd69bd
64df6be83710a92cda3d19adabb16fe84dc5080c8b678bfb7a252c6e89490af4
65835335424b63be5a40052ba1d0ccd3d494fcf99535f895e10e10b72293d362
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
665bcd3188471e35131aeb6d34b908d35d6ab94038def716688ca830c140ae49
66c3fdb6b5dcdf6b55b6f4d25d728b4e56e623ad2288519c5aec05d919b65aa8
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
699f0d9590b667b0f009d591382cc9b7c0e13a08ffd67a3286b4bb3da4516598
69d4ae0c662947222fdd776ff92af956dab993da28f129f7d9cbf039eb489b9a
6acff1111933c6f57a6c318d36cc774e7f037027145c71de37be9f6b4ad7075d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae2348b4cf656920a059aaf921a6bd86822a9fb063930211736fa81e75c8311
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9066f4646798c780d999196a760b1aea321f36fe47e904cabfca546205b309
6c529e436f076bdd932736e1e7c90e229bff81b381de87eb8697f7222c0d841e
6c9e90df541b7beb64ac1622ef22ab6b45c75fe6123e1a94a19785ab23dc64d5
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6f90dd8deacfbfdc14fe0e04c9c7bcee76bf850a735f6a10cc897415f5d2d8a2
71a910c68b3e45db2d8ab1e31552f7c5ef0079acb31b6c1176daf6a279b877d8
72f3f3cd7e9f5172238905bf829e33642b6a05e626a1bdada820fd831fa77250
73e1d661da97f11a17cd2bb520ecfde66de86813f0d2dd57dadfcac647272d23
75e190489d7a48a86fa7bb93f67abedb315d197679154f0ceedfbe21205a964f
763c2ecb7f2465ff810839237d1082b7fd8d6404f71e66bda24e57a5fc8deaf4
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79783072b9b43fbbfbf4d2af23f382cab1ed06c91d905b3718cf3ad7487b9e63
7991029fa688ccfbfacbea0357dd80dac66eab87448014baaa256d5a7bc095e2
7a69759da40e034f214cad570cc327587c3d306b91bb95f49f1c690d4d721b57
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7b693d8da29562f334ba025368dc2be7eb4dd9fe1af6e84c78be80f69a2efd36
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7c9b4720ecb0228a7b59dbe3c2954336d078c97eaa47d7001f4f62d63962c735
7cb2684d87a94d305f9780d2d2e6f4fb1023a3487f90e11dce73da4c4ece620e
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e07991dea3dc6bdff2d03f9b0a0a699d33ccc9b3490ba1ba324809f60498869
7e15a983b3f8aab9eda42d1bfe995aec6c50d023742725da9d4dd4040491baf1
7e18d5c218f0251067e8384fa66b88bba8e2d9d375b101ec284bc4d72c550445
7eb04f17cbb19351ff7460524e005ddbb927ea427730ce0de1bb56e778782eaa
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f2868bb12a08d48bd982378095b09b19c428d5db5ae7d4a139f8f5d35d0d1a7
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80149d1dee0ed711e09a7c419da52e83abbf557279e9f3353875278b740968d1
822f5d782144a32ad42a8110cb54db60fb5effc9dbc09b7a1f69f71b8fad9c1e
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82e89beedb33e91aeeee6bb0231ae24da72ead91cb7f9e226ec219c80160d069
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bab880a0de1e62bf78df1be20b053ee67c32951e01581387dc3bbb0ea61fbe
844d16730113c50876b1ea84b4ba3a56a4c0f115d04b8a25da0d558f1d799b00
84c14e7c3d709578cead982cd8aec7f31a6974705bb0ce8d57800e6b1a6ed79d
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
85ba03424cf0a803f7ddc324b0fe865cefd4616beeb73f2508ba580dc77f57f7
864f0ce9d65968828761c9ae0da708eb0596ed496012242a1fd3ac3af0c37553
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86d2710b74cb980134f029c623ba6b0a8b111d7e09f6dd1e99c0632713328f88
86dcec074dbfc057d84e6a0682a09b1d4fdca48c8b7db48db0ea2bb53921db0f
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87608651a792a2c64173c3efbd6e3fddbef6ab3e960f64ec8e12bacefabfc9b2
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8a9333a639719887ee0dd2b1249ff87857b39d2799e3d76a954ac54179546616
8b84623c84e43579c6e2d890de78a387a55dd5d9a0e8ed561cd86a0e029c15ba
8c2a1834ee0a07c71a2c9cfce0b5516eade86be0cd45607fb83c86527633f706
8c9750908a03d795133b57791444f81f933ab878656d5aa063acce0248a467f8
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ce7b197b18381a99ebc30e734f7f80f0a3f652e9db8305fd25ae878d4a5e76e
8d36539e976c1ee09265c23da9144e2f6298c133d187a46782c2fe156f6daca4
8ec6608975685661f534d4e1b6618252a85773ad081a5c0cb09514383b91dab1
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
90bdfdc8a8be5e5ea522cebea1fd344b609feee857e824994a5af18de3949fb7
9153c1ca27e27bcbc558c2a027011742fdd39a7e463da6d715d6560561ef47f2
923c37d8d88e7379aab644697c1f53a86f78fb59f6c527beade7ed81edfa992e
92a892e22e10dd05e4beb9ab83b029569d4cecf8315d1cbcccb28e01b2e19fcd
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
9393846288c48ac5c6819ce619e138f4ee8d01535a9498fc7e26982a287bf8f9
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
95f7f4c1cbf38685a6de7b8f3218361bd3594e38ca6b8ad21f05791f9a69483b
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
963431a56e56cfed976886eba37c3a36ce09dc3a8b4833f13fc58ef945f682a5
9684d04690cd4dfbd10ffa59b52354c23b9261efd2bbfa13ee96d8f695500529
96d66ae034f09eab8282feb0a9fd951c2a12f7b5419981da6bfdb81453e658ec
97f1eb201e8f22c380eca564ab77a91ea1d8aae955401f405313f6ef399bc17e
98840d0e3b2c403a18446f878eda50d37dfb704a8b2573495b3d84a38365dd6f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99887c8a3e382dd055b9504a2141c52fd90fa929ebf16f39ba8526a2c7110362
99a58af9f28e81ddda237d0db14f1e4a2a9d41aa330e87db2eaf9249acd82236
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c3d68ecc45ad44eae051f3032a36c470ebdbb1641ea2051886a785775fd479
9a24302675a692f64e2b9cbc3e681276add63a455141559b69befca3972d54de
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9accf506ec4cfa8a192410698197b965671f7c2374caaabc40fbc1d26cd44519
9b0e73f508e6a2d4074048e8bb4a46b73b693da437c2102cec203f089b237bf9
9b54937b4057321da428bfe09e1c6d859cda4a6349c6a8cdaa34e356cf3e8fd6
9b84b14b202c50ebc46f9e384faf635855140859ffd36c5a923c5ffeef64cba1
9c074099e09f8693abcd0958779718834c8c65abd625347898483817ca50ee25
9cbedf23789d66226d8fc2f213369162b7b9c142f5a2ed1ae70d631b1a24d1f9
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
9d3f1c662e17df833dc43643fbce771aa27d74db12d4baa18688a5d6a30eaf9f
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ec1780246d28288d94b8ebc647d37766e61d8b31c29bf9264fba31be29e22ca
9f29fda0e6c11022b808b8450553d5fc5e78a8c26e3948d1eb9cd7c24d4f3f24
9fc470be7cb069c9120f67400d54ce3c46a3bee92c8de5bc08e7d2f23a81b846
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13377b7382f35764c0871f85c4238b26ee9a4293b716fe02c158b22229dd24f
a1845f5ca0b463e2c1e541342d0d1d4d40ad9d10ce62f19818393dec477b7757
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a20ccaf6978bd71c43456b6bc78288abdc57c3b6fa987eecb2e9f59b69d384e1
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a3e6b7308f574919308c9f6887ce5b2986fbcf19305dbe5f922f3ea9b0ce37d2
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fd61571410d4c8ca709d921b3b86b9c9e944d3d0459a482195bd83e18be21e
a54517b03468a66a0819a1d00eb8aecb97f52a780e76b56ec6c1d52d249f809d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7af97e5db5c3c213190d691dcf5bc771a875aa621d6019ed07c1807a099df74
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a8aaaf4196d188a3bbcb0c2218ab5935b2309d2a07aa7ff3c7721bd1cceed69f
a9ef5895bd7f807078862598d231c2dded9b60d11f6399a49f3cfc456cda2218
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab4d34fd3cfb26efb5e2806e2869c760ef89c01e5dc76b7c431d00bd5247ea20
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ace5c7a57a33a8c21d81ff1ab27c6e2fb71d14c98f007bc9e990880063a32b42
add8676db3e2f2b6e681d707ec2c2077c3091d42fbcdffe13515245c5faec607
ae19ed24c334366c2f9f55d8b536dfeece7c763203a3abb9a6b60d095d3f8dce
ae55d382203e7ca4264edae52f77624e1e8138050953bce45d3f335347209a40
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aebf42a14c7967370bae13dd7203bc346365de172113d310f77e21ec52a17efc
affd98b9378bbe335e9ac74f2feecb47543387ca5dd22944419f96d98e0d9128
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f8bf949ecfe6133db96d42a0bfdb78bca0449c9b4a6f0d2696d6b02b380bbf
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b694f4ca98e61d5ad862aa2019b9ece6aceca63651a049f47e9549013b6e39a6
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
b92db4ab2e721fae21ca1f423a3139aeaf040a4f86cbacf75d3473194774af64
ba605786cfb90ed828ab9d2c256a211e28949b3ca0a2cc8d6f9fe00e3cf16d4f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbbe1e1a1dbd10f743ac10627c5bcd412587c8f3694e043ffc1b42a0bfddcdb8
bbc299a5a1d5b540985c92596c26419800e1c11cfe9c54af06baa4fc82912c0e
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc4f703b8a5ceb3192bece929966aa36ec63abbec760c256369b667ef15bf175
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bcb6d1ac23ff4213e1e22b790a5892a8e9106d8d97f3c3c3e7c67013872c42b9
bd074bc63edb8296f379053322ada9741e6ded26f9fedf7efa8973c5761e80ad
be90bf543540af2b683946e4d211e9842fc7f4312b3b8929198ff664e4257cbb
c0aa1ad0dabf82098d546036334ebda9ceddc3840ff4390836cf422d523d4b9a
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
c147dfce401e5e7e2d0f5fa2b9cd2164960e85bb34689f29c770ad353197f659
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c207445e576fd50219748f0dab6904d65385ca7a42a146d6d21cc8220635a30c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24525fed8c7bdaaded0838f195c025788f8e848f0833f774b418499770d8844
c3a3f7d24e555b79f73a1d5770b14d1456f33b9d4da7d5599d2ad5a1c4a2ac37
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c4f7dc98522529acbf36e413025ea01d951d34044f84f5f6ffd7b7e17ebfc967
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5c57b0da319215591dde819ae77e437636ef4afe4a94d13e8b74b87988c9b05
c6ccf06cb0a453582b11736475b935bf83d84a6d4c53036cd51b27178552002d
c7121f6196ff51ed18523a8d356faea5d9241a95d6b7f0d1191a132eea6d262b
c7297837b8015d2f8558dfda07a190991923a060f5888ef213b4624e88faa3c6
c7d5a8fe27242d6b7391910d6bdfc3cfee9687ad6b1a97b72d7f5a091556e70c
c80d4c5696cec395d003b6e76e288b065ef35cb188743d8c74e7b5a0658d07e1
c998da8897d0645f9f06da676b75f5e8ecb2fa07bbd546e054ba36816db7aa68
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3
cc2ac1dfbdee15497630e1e749b0728e483e10fdb02fcee0340caf414c7d4e3c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc60e516f0baf18842a5af7bcc2a954216b5e7f920d8236aa883bbd55e873969
cd03d11351c930f319e80055ae27e9ad56be3642a034648a5a62a10822ffea8b
cd1d8c67b5111d413f5f823ed5c17dd08154ed09cd370f8855916aaf34c479dd
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
ce991ab910b4d5d3e6901da33c20218eade3470148559932ae0bd3343c9c4b6e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf65d9ec426bd3ecda70d618f1d789e47563d408ccc0460697aa51193dea9165
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d139c4d745d92050b6cdb799c27b1503b5040a34506a0a52a31b44ccc3c2eb9e
d2b1ec375703b8320e5f342744bce5f995c4ad351df294a5009f0ed5ec7e7619
d2d034edf69a74c7c538496dd8054a207852072a4e7db3efda08da614ca965b4
d43ff03ab80f81f266774cedd1c8e839aa6fe9340e66b43e7a02510726cf3a1c
d5de6a492eec0c85725a0fb6a14dfb084d255c5915b03df9360f91d7630f3c1e
d5e5f32ef3dcb28c15ec31d9d305a4d38776f6de57902f43ebe4e0302626d2ec
d61458a665ceca31abe727ad64b3d0cafba8d6698f71dfd26e0251be41f7ba6e
d6acfb1a3acb8b98e34ef20506a28b3555b66a2e1d015aff51df475886ea5696
d785c2e687ac3effe87f49b4c9ce112eaab66198f4a655765b91025050fd76b8
d847e0ca1de72e6ea6ee76f6e0b1d691f70bb32779d3b2f0bbcd7ec4a4d4d014
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d86120fb9383705f56580ae2b9b9251126c8a727a7aec2e6a1cf09d41ab3a891
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8c62b0d4ac621bedd0ca5a4e96b12a77118338d4166f94d65c15bb154d455aa
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
da407df3b1ea65d97c950196fa297df872f34afc11935f373f2b22232f159cd3
db87f96c37964c300a1e14b46eed853cbaf0f679594ba0f0523662f918d17c01
dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a
dcad926af3fa4bfc63ead68ddceebddc41491310b4168dc6e89b1ec1065feea9
dd76ff2389dd1eaa9f18dd3d809ee4c7f1582568864c27d881241649077e9e2c
de1e3295c73e9e709cb79c3a89647a6f16a24d798f3ba9ed040c8a98a4e8d5aa
de288483797bef7622c4eb1c2e66860067fab0da7ddc661d4baa9ccb0001dbc8
de67a62db6da8cd030da7dbe265b824217d72b8ae71e01191668fbe6b90e53ad
de94077acf16c052c361333a76162ff9ad664240e7e80ca58f714709a07a188b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deab2e7ced9ecd10dc3a77f89b3e32d6b7a6befdee2f8e84a9ab702031e48d1c
df3186df6df487ed591fa020ba2bcef11884c0cdfd212d22ddad6f3ff45734cb
df89283695b6065a1741d57f46ced9cde84176226d51797ce9d9827ef07fc0dc
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201
e115127def093f5e6f699a79ef6042014cb9c52e868423208694ec37f313211b
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e1adc1aae1fc03eeb7e55e09cece19cb8520409250b98c8950dc8b3ae58ea35f
e1e4be2d00e62192c9b303b09ed73765284b1f624a60698fa68f303ab038ad4a
e22ceb85d9003064316ef62f7bfac2885b6dace2f90f36e2bcc608bcbd631511
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2b4575b4edd142aac003bb68bd30c7c5195baf691bf005aba961626c69a2b28
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3570725a333fb1545ddfd93f335f3cc9fbb3e7e342dbf990020cdaa3e9f2bd1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e497b9e7df15c9e78f61051a604657d7d02db1a49ce15aaeb703ddb567d05780
e4def753f5267c3df33bfc705fe00b4b0995ea351f34d29ae2106efac8afca70
e647e5c51ad1e9a955261f5cb1a3dca39af56995baa6865fd0f47ae4a39e2ab9
e6579bf2dcea73c6baa50d7b8a995644cfd6f071711e52b0bd6b71659052f86b
e6acc092d263539bf15339b6441850f66e744ac89695fb52206ae7c51aff3f75
e74d0f692473e4a1a14987ea3f8bef5956156dfec78e8c971d7f054995b1105c
e774a4ba8949ba61584f7ac3fd9d0d8c2b8fc2a7d72841006a56e2ab4ab00091
e81c248b5ead146b62a1d4da26be147cf9873e714e74e66daa5bd113a0e0d2ba
e8e260667aaf894b165ae959bab6c605ab4e4c29c4ee66e18245dded3d60d1a0
e9642f5fbeff6a11fd1e8d29f62481cc23514472fb51d0d1e4ee4f257dbc8af3
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
eb7e691692074a51ad95e6c1cabb30d45e66c545b8d028fae6ace94a90e83da2
ec81883165ab62da081d30a61477cc026552bb2ea7937a6342193fa91359f9b6
ecb29605f3f09f44873be5fc98e4e8db3fcf987774164258c3cac3605c4738d7
ecb71d348a4e2ff8b718782659850f16205da47610715fad0279efd82d8309c3
ee7ff1eed3f7840715dce0305f26e798cafe4cbc518fc3d7d39f307ce6d6ca09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ec42d2a26bbcf5af95ddff13ec24f52b1a566015445fb1dff12cbc97ea7168
f375518ca1476ba30f04b2afaed6bf131988213771edd0793c5ddccc20066c2c
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f415c607a8148698844b24089b2dc2e8ccf73f4724d07f459a1689b9a84d0dc6
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f75db606df95776cba9c16fcf66c20eccc8442d7eaf3e65d62246d36c2aabaff
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
f9cdccf5cd2da244d74d2953328ebf308071d5ed694ec021bea083a49e1e3e79
fa50403d97a58d82a2f93265e14d08fac34efc1729e339e71e91043a16b18bec
fa7bc8f68da861888a83c088b618f1e8b508ed612278f3963d05372d99b2a9c3
fbe9d510ea45de189488ba8857b3c02ebe29f1f4ab960003e08d25cbf6421ef3
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd6ad8f1977e08865783ce753bf61ebce42cfc6415384d9d6478ba7d6c7a367a
fd8a3005553b3d2b833462417b542ca50eb2727e61469610b6fbbb87710d9a3d
fd8b82604e602cc8ed7ff9da84542bad57b419ed634ccf0ee9dab358eb84f114
fed26b9a4831dd951494ad6682d4dd157ae4bb53e05358b09ee8cbda6e7c3594
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8
ff7b267315145f4b0e335aad31708f8f0363b3d9ae17604477278765d6f69d1b
ffaf136ecb5996c8bc521b9f8678ca9e132d3f9009278b29060a7efc8dac4f18
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914