urlscan.io logo urlscan.io
SecurityTrails logo

securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.slcyber.io/e3t/Ctc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-WJV7CgY3SW7HP4kP93VT...
Effective URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm...
Submission Tags: falconsandbox
Submission: On November 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 13 countries across 73 domains to perform 340 HTTP transactions. The main IP is 2001:8d8:100f:f000::289, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is securityaffairs.co. The Cisco Umbrella rank of the primary domain is 337897.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on March 24th 2022. Valid for: a year.
This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
44 2001:8d8:100f... 8560 (IONOS-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 88.221.168.23 16625 (AKAMAI-AS)
11 68.183.31.14 14061 (DIGITALOC...)
9 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
2 52.29.244.112 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 95.101.200.23 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 54.76.86.77 16509 (AMAZON-02)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 162.19.138.116 16276 (OVH)
5 35.71.131.137 16509 (AMAZON-02)
3 5 37.252.171.22 29990 (ASN-APPNEX)
1 162.19.138.83 16276 (OVH)
5 137.184.242.150 14061 (DIGITALOC...)
4 34.107.148.139 396982 (GOOGLE-CL...)
4 2602:803:c004... 26667 (RUBICONPR...)
4 185.64.189.112 62713 (AS-PUBMATIC)
8 34.98.64.218 396982 (GOOGLE-CL...)
4 81.17.55.161 60781 (LEASEWEB-...)
4 18.158.86.169 16509 (AMAZON-02)
4 69.166.1.14 27630 (AS-XFERNET)
4 52.28.22.239 16509 (AMAZON-02)
4 34.149.20.76 15169 (GOOGLE)
1 13 37.252.173.27 29990 (ASN-APPNEX)
4 216.52.2.48 32475 (SINGLEHOP...)
4 18.156.195.47 16509 (AMAZON-02)
1 2 185.172.90.251 49981 (WORLDSTREAM)
1 51.89.9.254 16276 (OVH)
29 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 88.221.168.189 16625 (AKAMAI-AS)
4 104.17.120.107 13335 (CLOUDFLAR...)
2 23.203.77.3 16625 (AKAMAI-AS)
5 88.221.168.201 16625 (AKAMAI-AS)
1 67.202.105.23 32748 (STEADFAST)
4 185.64.190.78 62713 (AS-PUBMATIC)
2 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.95.125.22 16509 (AMAZON-02)
2 5 69.173.144.138 26667 (RUBICONPR...)
6 7 142.250.184.194 15169 (GOOGLE)
2 3 52.46.130.91 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
3 4 37.157.6.253 198622 (ADFORM)
2 2 213.155.156.164 1299 (TWELVE99 ...)
23 185.64.189.110 62713 (AS-PUBMATIC)
2 2 103.229.206.241 30419 (MEDIAMATH...)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 3 54.217.231.82 16509 (AMAZON-02)
1 1 34.237.81.207 14618 (AMAZON-AES)
2 2 151.101.130.49 54113 (FASTLY)
1 35.214.236.176 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 5.161.54.172 213230 (HETZNER-C...)
1 1 141.95.171.139 16276 (OVH)
1 1 141.94.171.212 16276 (OVH)
1 99.80.121.57 16509 (AMAZON-02)
1 195.5.165.20 44968 (IPROM-AS)
1 173.231.178.117 32475 (SINGLEHOP...)
2 2 213.19.147.44 26120 (RHYTHMONE)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 1 51.222.80.231 16276 (OVH)
3 4 35.204.74.118 396982 (GOOGLE-CL...)
3 3 3.64.28.4 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 1 3.126.56.137 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.149 13768 (COGECO-PEER1)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
3 38.91.45.7 ()
6 6 3.123.150.182 16509 (AMAZON-02)
6 6 35.201.96.126 15169 (GOOGLE)
3 185.64.189.229 ()
3 6 77.243.60.138 ()
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 6 18.210.87.63 ()
3 52.30.93.115 ()
3 3 50.17.236.145 ()
340 80
2    2606:2c40::c73c:6702 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
email.slcyber.io
44    2001:8d8:100f:f000::289 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
securityaffairs.co
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2600:9000:20e8:ac00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
4    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
11    68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
9    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    52.29.244.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-244-112.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    95.101.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com
lg3.media.net
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2606:4700:20::ac43:4471 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
1    54.76.86.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
5    137.184.242.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebidserver.pixfuture.com
4    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
pixfuture2-d.openx.net
u.openx.net
4    81.17.55.161 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
4    18.158.86.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-86-169.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
4    52.28.22.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-22-239.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
13    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    185.172.90.251 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net
ads.us.e-planning.net
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
29    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
partner.googleadservices.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
24    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    88.221.168.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-189.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    104.17.120.107 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    67.202.105.23 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
7    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2a05:d018:d29:3605:4b46:c66c:4b14:20a7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
23    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    54.217.231.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-231-82.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    34.237.81.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-81-207.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    141.95.171.139 (France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
1    99.80.121.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-121-57.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    173.231.178.117 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-9.sys.adgear.com
cm.adgrx.com
2    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
4    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
3    3.64.28.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-28-4.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
6    3.123.150.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-150-182.eu-central-1.compute.amazonaws.com
pm.w55c.net
6    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
3    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
6    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
6    18.210.87.63 (None, )

ASN- ()
a.audrte.com
3    52.30.93.115 (None, )

ASN- ()
rtb.gumgum.com
3    50.17.236.145 (None, )

ASN- ()
sync.ipredictive.com
Apex Domain
Subdomains		 Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
766 KB
44 securityaffairs.co
securityaffairs.co — Cisco Umbrella Rank: 337897
1 MB
42 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 724
ads.pubmatic.com — Cisco Umbrella Rank: 732
image6.pubmatic.com — Cisco Umbrella Rank: 922
image2.pubmatic.com — Cisco Umbrella Rank: 1407
simage2.pubmatic.com — Cisco Umbrella Rank: 979
image4.pubmatic.com — Cisco Umbrella Rank: 1503
simage4.pubmatic.com — Cisco Umbrella Rank: 1586
aud.pubmatic.com
56 KB
22 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 690
ib.adnxs.com — Cisco Umbrella Rank: 313
acdn.adnxs.com — Cisco Umbrella Rank: 880
83 KB
18 pixfuture.com
served-by.pixfuture.com — Cisco Umbrella Rank: 60062
cdn.pixfuture.com — Cisco Umbrella Rank: 67869
prebidserver.pixfuture.com — Cisco Umbrella Rank: 82375
482 KB
15 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 681
eus.rubiconproject.com — Cisco Umbrella Rank: 826
token.rubiconproject.com — Cisco Umbrella Rank: 1059
pixel.rubiconproject.com — Cisco Umbrella Rank: 483
18 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
78 KB
11 wp.com
i0.wp.com — Cisco Umbrella Rank: 3805
stats.wp.com — Cisco Umbrella Rank: 3367
pixel.wp.com — Cisco Umbrella Rank: 2816
72 KB
11 media.net
contextual.media.net — Cisco Umbrella Rank: 809
lg3.media.net — Cisco Umbrella Rank: 5677
prebid.media.net — Cisco Umbrella Rank: 1868
37 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 134
www.google.com — Cisco Umbrella Rank: 17
3 KB
8 openx.net
pixfuture2-d.openx.net — Cisco Umbrella Rank: 88429
u.openx.net — Cisco Umbrella Rank: 977
1 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1256
s.amazon-adsystem.com — Cisco Umbrella Rank: 412
5 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
75 KB
7 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1180
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 715
ups.analytics.yahoo.com — Cisco Umbrella Rank: 407
2 KB
6 audrte.com
a.audrte.com
5 KB
6 semasio.net
uipglob.semasio.net
4 KB
6 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 6615
1 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1319
4 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 3109
ssc-cms.33across.com — Cisco Umbrella Rank: 1473
862 B
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 457
1 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 481
mug.criteo.com — Cisco Umbrella Rank: 1946
dis.criteo.com — Cisco Umbrella Rank: 941
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1432
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 1002
2 KB
4 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 4646
4 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
3 KB
4 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 4141
637 B
4 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2786
3 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1559
633 B
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1881
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
region1.google-analytics.com — Cisco Umbrella Rank: 2041
20 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
221 KB
3 ipredictive.com
sync.ipredictive.com
2 KB
3 gumgum.com
rtb.gumgum.com
625 B
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3155
846 B
3 deepintent.com
match.deepintent.com
99 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 415
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 818
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
141 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5594
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1047
442 B
3 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 12056
l.sharethis.com — Cisco Umbrella Rank: 5828
9 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6413
750 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 784
1 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12850
pixel.onaudience.com — Cisco Umbrella Rank: 4133
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1486
s.tribalfusion.com — Cisco Umbrella Rank: 3468
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 916
747 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 723
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6929
562 B
2 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5082
427 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 678
1 KB
2 slcyber.io
email.slcyber.io
4 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4946
464 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 4189
534 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1214
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 930
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4676
104 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2319
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7375
279 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1112
265 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 15503
367 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8583
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1264
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1051
613 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2184
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 989
590 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 815
704 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1095
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1556
405 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 759
463 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2624
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118 Failed
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165
6 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
340 73
Domain Requested by
44 securityaffairs.co email.slcyber.io
securityaffairs.co
26 pagead2.googlesyndication.com cdn.pixfuture.com
pagead2.googlesyndication.com
www.gstatic.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
24 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
18 simage2.pubmatic.com ads.pubmatic.com
13 ib.adnxs.com 1 redirects cdn.pixfuture.com
acdn.adnxs.com
11 served-by.pixfuture.com securityaffairs.co
cdn.pixfuture.com
9 i0.wp.com securityaffairs.co
7 cm.g.doubleclick.net 6 redirects
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 a.audrte.com 3 redirects
6 uipglob.semasio.net 3 redirects
6 visitor.fiftyt.com 6 redirects
6 pm.w55c.net 6 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 pixel.rubiconproject.com 2 redirects
5 www.google.com 2 redirects tpc.googlesyndication.com
5 ads.pubmatic.com cdn.pixfuture.com
ads.pubmatic.com
5 prebidserver.pixfuture.com cdn.pixfuture.com
5 secure.adnxs.com 3 redirects
5 match.adsrvr.org cdn.pixfuture.com
ads.pubmatic.com
5 contextual.media.net securityaffairs.co
cdn.pixfuture.com
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 u.openx.net cdn.pixfuture.com
4 biddr.brealtime.com cdn.pixfuture.com
4 acdn.adnxs.com cdn.pixfuture.com
4 www.gstatic.com googleads.g.doubleclick.net
4 c2shb.pubgw.yahoo.com cdn.pixfuture.com
4 ap.lijit.com cdn.pixfuture.com
4 ssc.33across.com cdn.pixfuture.com
4 hb.emxdgt.com cdn.pixfuture.com
4 apex.go.sonobi.com cdn.pixfuture.com
4 btlr.sharethrough.com cdn.pixfuture.com
4 prg.smartadserver.com cdn.pixfuture.com
4 pixfuture2-d.openx.net cdn.pixfuture.com
4 hbopenbid.pubmatic.com cdn.pixfuture.com
4 fastlane.rubiconproject.com cdn.pixfuture.com
4 prebid.media.net cdn.pixfuture.com
4 www.googletagmanager.com securityaffairs.co
www.googletagmanager.com
3 sync.ipredictive.com 3 redirects
3 rtb.gumgum.com ads.pubmatic.com
3 mwzeom.zeotap.com ads.pubmatic.com
3 aud.pubmatic.com
3 match.deepintent.com ads.pubmatic.com
3 x.bidswitch.net 3 redirects
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 s.amazon-adsystem.com 2 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 partner.googleadservices.com pagead2.googlesyndication.com
2 pool.admedo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com cdn.pixfuture.com
eus.rubiconproject.com
2 ads.us.e-planning.net 1 redirects cdn.pixfuture.com
2 id5-sync.com cdn.pixfuture.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 lg3.media.net securityaffairs.co
2 l.sharethis.com ws.sharethis.com
securityaffairs.co
2 email.slcyber.io 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 px.ads.linkedin.com
1 ssc-cms.33across.com cdn.pixfuture.com
1 onetag-sys.com cdn.pixfuture.com
1 lb.eu-1-id5-sync.com cdn.pixfuture.com
1 aa.agkn.com cdn.pixfuture.com
1 pixel.wp.com securityaffairs.co
1 secure.gravatar.com securityaffairs.co
1 stats.wp.com securityaffairs.co
1 fonts.googleapis.com securityaffairs.co
googleads.g.doubleclick.net
1 ws.sharethis.com securityaffairs.co
1 maxcdn.bootstrapcdn.com securityaffairs.co
0 api.rlcdn.com Failed cdn.pixfuture.com
340 106
Subject Issuer Validity Valid
email.slcyber.io
Cloudflare Inc ECC CA-3		 2022-05-12 -
2023-05-11		 a year crt.sh
www.securityaffairs.co
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-24 -
2023-04-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-30 -
2022-12-03		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-23 -
2023-11-23		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-09-14 -
2022-12-13		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
ads.us.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh

This page contains 70 frames:

Primary Page: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Frame ID: 7D2CC435F131D237A8F62026F1306C62
Requests: 150 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: AB5B1ADED4E1E55E0AC584E425C16598
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: A06D5591625A1268085201AF2A85BC01
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: BFCDC7D39AD3263BE705D27F72B81F0B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: E2344AF63677CC14F3843FA1335B1FDF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 234785F93F25CE8ECCB73433BB551F1A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 16C03F99A6B70B0023561B1FD98113D7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Frame ID: F8B4364DDE546F406FEF6029B52A7F47
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Frame ID: E08D2EB65F535BBA5E26C9709C37A1E6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Frame ID: 9D164F50B4597804A0969880792A4302
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: D3D2C3452E776E1F98BC4098EE32C564
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CCF69B4CFE674D00A5499DBB8F651C90
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E0625ED9C7D06C142AC2B4697520A563
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9ECF848D11ACA4613638B5811C5A0FF6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B05A76A5B464930D3971FEFA84C0ECCE
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 1BE6D19540909ABC2A77678850B8CDC1
Requests: 19 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 07227DD07EEE7313B0C6E87BE1EA06A7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3015214D818827A016A03CBA4969592D
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 7C68AC1A4AE90D7BD5292C54368D215A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: D3B0A6D7718CE859076F5C281F8F6E2F
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: C8038BD2FBD538EB32299A734A540098
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 62DCB370E5073D757412BE64598CC8D8
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F5BD3EBF3AADE689CF8C392442444FB4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 503B1518F2F5E55B35FB58F5BE35E1C5
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D26BA5D6E91B5854FA6EF214F489629
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 5621B5B3DBC2A71A82FCB6B18D835240
Requests: 8 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: FEF44E094F94F025B9BD55B6A40EB669
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 827681789577DF509271E90D9B6CE13A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: BB6A9CDD47EB7FDD0E088B3613654C57
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 5F988D6D1935C3F7F7647B71B664DD35
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 2CE076D08F58E9EE8555A1D04D1D9D65
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 43DEE5BC4343AAB9AD746D35029C9C97
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 596F8F3402D52F744B67BEC1FA3B2EFA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CFB19509A9507F8B329F95D32E7527A7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: 9E3475A394522A5441A4EECC166BC065
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: AAE798FFB6F16C9BA0F19B4B4D7EDF7D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: E8480137543E9FAEA012DBB55470C897
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent=
Frame ID: BE94453E50EF87D19F11B886FFAF9A0C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1914410202436098911
Frame ID: D412F4CCCCAD6DE99B1BC57668F0E8D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1&gdpr=0&gdpr_consent=
Frame ID: 8A255CC4205C9E4AFFF7E0A89CC77EA3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D9115E79D8D96E4C73CF6EE1F8016A24
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=382834A1-A282-4EBD-87DE-DDA31788D509&redir=true&gdpr=0&gdpr_consent=
Frame ID: 5CC1183EA7F8DE557F8E81572F6D4D88
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2165484231869203558&gdpr=0&gdpr_consent=
Frame ID: 85A6DA0C118FA26553B8652F1A6BB434
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v
Frame ID: EB8537B650818A488D9E96405657DEC8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7161750067938588824&gdpr=0&gdpr_consent=
Frame ID: 65D0970E02F47236D9684BF38DAFEC5D
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: C7941368FAA2FDCB5A33265CFD0AC66C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pms0I_-CSMFB7H6PLhQww7Ki0Yc
Frame ID: 2BF7AD49C5598BB30349E8024D80089D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2OlvgAE3ocN0QAW&gdpr=0&gdpr_consent=&_test=Y2OlvgAE3ocN0QAW
Frame ID: 98C8A743DA74C9F83628409409F61331
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: F4B06D65D30499B8C48E04A6C6950919
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2D4807F5CDACAE253BA202A4ADD9B958
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: CC82BDF67D6346F6A6012CFF7C7A337B
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b31966f5d28e9ac3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhYbRUUMVQXSnRgjY
Frame ID: C212E6DD8E9CB7F18FE7ED7B4C5215C5
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 92ED7DE671823DACA8ECB3EEAEE28605
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5B565D89841BD4B0A6D83EFAD03EEA29
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1970562155
Frame ID: 44638E2C001AFAFAB0942DCC943D0201
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA33CF3642DB6CF71BBA8A80D3C79020
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5A5CAE8B50FD36B32096E97CF80779B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C424DFDDE3BF291D6BB2EEC8CAA52696
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E6336561533934A2B04CB35000CD385
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E09900B25952AE8B1393E14CD00DC560
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C331C8EAB05E3E433A173487FDD163D7
Requests: 2 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 0E614FA0CB3B52806542B4684DF00B27
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Frame ID: 4D1605277F64FCB744D3A584C036EC63
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
Frame ID: 5B611494CC943AB3A8384A95AA5BF98B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 530BF5A0CB3C0612299A0DCF009576B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Frame ID: 1DD7D8DB7CE7BE116CB934535CAA8DE9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
Frame ID: 89C0E7BFD48D549A9B6CC2E255FDF5CA
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4713A614BAD46EA541FEDCE6F384A8EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Frame ID: 55913CA1E287BAAC26F8FDDC8E9F5B0F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Fq8eiQCH1OQyo95&gdpr=0&gdpr_consent=
Frame ID: 3F72B64F142B1E7A2438E12851AAFC3F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Liz Truss 's phone was allegedly hacked by Russian spiesSecurity Affairs

Page URL History Show full URLs

  1. https://email.slcyber.io/e3t/Ctc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-... Page URL
  2. https://email.slcyber.io/events/public/v1/encoded/track/tc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JV... HTTP 307
    https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

340
Requests

89 %
HTTPS

28 %
IPv6

73
Domains

106
Subdomains

80
IPs

13
Countries

3366 kB
Transfer

5951 kB
Size

89
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.slcyber.io/e3t/Ctc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-WJV7CgY3SW7HP4kP93VT9tVPV7xr6VmN6TW9kmH9S85K0GsN1Wd0MtsPhlGW9kVT8Z3Z9xbnW6JB12B2QpNNqW7kn5jB21yCxbW4h8BxJ7k8hGXW8Y469p5ZFHj0W1Fw24h5bB_RrW22fF1v2mckJ4N5wV2PLkvjTKW5STZNb7ljRY8W2Z11BJ3lLgtrW3mCg0W6F7BxlW2Q353j6vqt6RW380wZB1wC_K2W68By263qck61W6-Xl2T78L-WJW7ynnhF7lQ4ZKW2tdcsj7VlLNcW6Kmsbz7hPK4xW1sTjL07C_-4fW8rb_pS8WZpZ5W47cNrK2NdmJZW6YYMnm8g0crXW24vLn_8c92mBVY68mM6L9snk3p-G1 Page URL
  2. https://email.slcyber.io/events/public/v1/encoded/track/tc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-WJV7CgY3SW7HP4kP93VT9tVPV7xr6VmN6TW9kmH9S85K0GsN1Wd0MtsPhlGW9kVT8Z3Z9xbnW6JB12B2QpNNqW7kn5jB21yCxbW4h8BxJ7k8hGXW8Y469p5ZFHj0W1Fw24h5bB_RrW22fF1v2mckJ4N5wV2PLkvjTKW5STZNb7ljRY8W2Z11BJ3lLgtrW3mCg0W6F7BxlW2Q353j6vqt6RW380wZB1wC_K2W68By263qck61W6-Xl2T78L-WJW7ynnhF7lQ4ZKW2tdcsj7VlLNcW6Kmsbz7hPK4xW1sTjL07C_-4fW8rb_pS8WZpZ5W47cNrK2NdmJZW6YYMnm8g0crXW24vLn_8c92mBVY68mM6L9snk3p-G1?_ud=a1acae7b-e6cc-420b-a701-364ef4b1dacd&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=AGaup3xIWi9iRUhFTzZRRXZvMFc0TmlUbkFwNW5IWDNtMHBGY3U4WXZmNGhsQXFrc0lxMU1RSjJQREYvMTFCcEpON0M1bnRjSFc3VGpHSVR0R2dyZXFGVSsxdEtEemlwT3k1MXQ0bDBzQkhxbnFDdENUOHZJM1U2MFRJRzIyOUhZNTJaS1hNaXJia3pPcGFBSmgwUUV0cGJDZzkrejlaUnM2cWl0VDNmaklkUjRRdzdydVdSc1h5dlRVWStCNXdvUU1UQ1Q4VjFIZjRsR01YMmxPbTR5bmVRY1R0OGhmOEFub2ZiOXJ4dmVZVGFFTnRYUjF1ZmpTVVY1Sm9IVnJSNFpENFVyfA&cppv=2
Request Chain 89
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Request Chain 90
  • https://secure.adnxs.com/seg?add=27578935%2C27578935&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Request Chain 147
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Request Chain 229
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 235
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 236
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA0ZHL8X-1N-LV72
Request Chain 237
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Qpn0frzaR8SM-Fq2eBd1VQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Qpn0frzaR8SM-Fq2eBd1VQ
Request Chain 238
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwWkhMOFgtMU4tTFY3Mg==
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHfzzkf-KPhP8G-i5Fu39cA&google_cver=1
Request Chain 241
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=NTczYWI3MTU4M2Y3ODEwYmQ2MDJlY2RlNDllMDdhNmM5MDViNzZiYw&google_cm HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=ebda-test&google_gid=CAESEPBC0brCfrxGsJtt6WVwG1o&google_cver=1
Request Chain 242
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QM7JvoKBSfSEmf0UwqZ6AA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QM7JvoKBSfSEmf0UwqZ6AA
Request Chain 244
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/A269e2dqo-KbLZ2c8ffPsMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4608194136100957829
Request Chain 254
  • https://c1.adform.net/serving/cookie/match?party=14&cid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent=
Request Chain 255
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1914410202436098911
Request Chain 256
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1&gdpr=0&gdpr_consent=
Request Chain 259
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2165484231869203558&gdpr=0&gdpr_consent=
Request Chain 260
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v
Request Chain 261
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7161750067938588824&gdpr=0&gdpr_consent=
Request Chain 262
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLbkZVN0d4MHNBQUNDUHNkR05Vdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 263
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pms0I_-CSMFB7H6PLhQww7Ki0Yc
Request Chain 264
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y2OlvgAE3ocN0QAW HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2OlvgAE3ocN0QAW&gdpr=0&gdpr_consent=&_test=Y2OlvgAE3ocN0QAW
Request Chain 266
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 268
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b31966f5d28e9ac3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhYbRUUMVQXSnRgjY
Request Chain 271
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1667474878911 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1970562155
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OCg0oaKCTr2H3t2jF4jVCQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 273
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97e96363-a5bf-4400-b8fc-12d38910136f
Request Chain 274
  • https://pixel.onaudience.com/?partner=214&mapped=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzgyODM0QTEtQTI4Mi00RUJELTg3REUtRERBMzE3ODhENTA5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHEypul9LiEFeXHGuQ0qheU&google_cver=1
Request Chain 278
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3736669264297645271
Request Chain 280
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f889234b-c19a-4131-8c63-77c706f918fa HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f889234b-c19a-4131-8c63-77c706f918fa HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9cf9b9b1-2ae8-4f1e-afc1-fa9e1097c326&user_group=1&ssp=pubmatic&bsw_param=f889234b-c19a-4131-8c63-77c706f918fa HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f889234b-c19a-4131-8c63-77c706f918fa&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 282
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=382834A1-A282-4EBD-87DE-DDA31788D509&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ggGwx7xE2uW7GH63rmTa6a9CDzwHCSo-~A&gdpr=0&gdpr_consent=
Request Chain 285
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4214113906061359010&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 286
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:535629bb-53dd-4632-8a29-fc1cec9fd86c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 287
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2165484231869203558
Request Chain 317
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Request Chain 318
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
Request Chain 319
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
Request Chain 320
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 322
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=382834A1-A282-4EBD-87DE-DDA31788D509 HTTP 302
  • https://a.audrte.com/p
Request Chain 324
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=edae1db3-6d5c-4e25-8cd1-1ebd8016b031&gdpr=0&gdpr_consent=
Request Chain 325
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
Request Chain 326
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 328
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=382834A1-A282-4EBD-87DE-DDA31788D509 HTTP 302
  • https://a.audrte.com/p
Request Chain 331
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Request Chain 332
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0e5469df-9ecc-4aed-86c0-31b2c166f0fc&gdpr=0&gdpr_consent=
Request Chain 333
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
Request Chain 334
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
Request Chain 335
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 337
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=382834A1-A282-4EBD-87DE-DDA31788D509 HTTP 302
  • https://a.audrte.com/p
Request Chain 340
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Request Chain 341
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=67ec9dcc-4f49-4435-adc4-7294d7860c0f&gdpr=0&gdpr_consent=
Request Chain 342
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Fq8eiQCH1OQyo95&gdpr=0&gdpr_consent=

340 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-WJV7CgY3SW7HP4kP93VT9tVPV7xr6VmN6TW9kmH9S85K0GsN1Wd0MtsPhlGW9kVT8Z3Z9xbnW6JB12B2QpNNqW7kn5jB21yCxbW4h8BxJ7k8hGXW8Y469p5ZFHj0W1Fw24h5bB_RrW22fF1v2...
email.slcyber.io/e3t/Ctc/DO+113/d30F1B04/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://email.slcyber.io/e3t/Ctc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-WJV7CgY3SW7HP4kP93VT9tVPV7xr6VmN6TW9kmH9S85K0GsN1Wd0MtsPhlGW9kVT8Z3Z9xbnW6JB12B2QpNNqW7kn5jB21yCxbW4h8BxJ7k8hGXW8Y469p5ZFHj0W1Fw24h5bB_RrW22fF1v2mckJ4N5wV2PLkvjTKW5STZNb7ljRY8W2Z11BJ3lLgtrW3mCg0W6F7BxlW2Q353j6vqt6RW380wZB1wC_K2W68By263qck61W6-Xl2T78L-WJW7ynnhF7lQ4ZKW2tdcsj7VlLNcW6Kmsbz7hPK4xW1sTjL07C_-4fW8rb_pS8WZpZ5W47cNrK2NdmJZW6YYMnm8g0crXW24vLn_8c92mBVY68mM6L9snk3p-G1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
7644c365de0a0a53-AMS
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 03 Nov 2022 11:27:53 GMT
last-modified
Thu, 03 Nov 2022 11:27:53 GMT
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-hs-https-only
worker
x-hubspot-correlation-id
32f54d6f-1721-4909-88cc-dec84dcc4aaf
x-robots-tag
none
Primary Request liz-truss-phone-hacked.html
securityaffairs.co/wordpress/137826/intelligence/
Redirect Chain
  • https://email.slcyber.io/events/public/v1/encoded/track/tc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-WJV7CgY3SW7HP4kP93VT9tVPV7xr6VmN6TW9kmH9S85K0GsN1Wd0MtsPhlGW9kVT8Z3Z9x...
  • https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-U...
98 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Requested by
Host: email.slcyber.io
URL: https://email.slcyber.io/e3t/Ctc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-WJV7CgY3SW7HP4kP93VT9tVPV7xr6VmN6TW9kmH9S85K0GsN1Wd0MtsPhlGW9kVT8Z3Z9xbnW6JB12B2QpNNqW7kn5jB21yCxbW4h8BxJ7k8hGXW8Y469p5ZFHj0W1Fw24h5bB_RrW22fF1v2mckJ4N5wV2PLkvjTKW5STZNb7ljRY8W2Z11BJ3lLgtrW3mCg0W6F7BxlW2Q353j6vqt6RW380wZB1wC_K2W68By263qck61W6-Xl2T78L-WJW7ynnhF7lQ4ZKW2tdcsj7VlLNcW6Kmsbz7hPK4xW1sTjL07C_-4fW8rb_pS8WZpZ5W47cNrK2NdmJZW6YYMnm8g0crXW24vLn_8c92mBVY68mM6L9snk3p-G1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9e5061f8f48d0cf9e31dae1629f54343394020c0c986df6fcee03ebd7af7b212

Request headers

Referer
https://email.slcyber.io/e3t/Ctc/DO+113/d30F1B04/VVC6hR5zWtbSW1l17BD62gN8JVBzM2_4RXtXSN8_nRGQ3q3phV1-WJV7CgY3SW7HP4kP93VT9tVPV7xr6VmN6TW9kmH9S85K0GsN1Wd0MtsPhlGW9kVT8Z3Z9xbnW6JB12B2QpNNqW7kn5jB21yCxbW4h8BxJ7k8hGXW8Y469p5ZFHj0W1Fw24h5bB_RrW22fF1v2mckJ4N5wV2PLkvjTKW5STZNb7ljRY8W2Z11BJ3lLgtrW3mCg0W6F7BxlW2Q353j6vqt6RW380wZB1wC_K2W68By263qck61W6-Xl2T78L-WJW7ynnhF7lQ4ZKW2tdcsj7VlLNcW6Kmsbz7hPK4xW1sTjL07C_-4fW8rb_pS8WZpZ5W47cNrK2NdmJZW6YYMnm8g0crXW24vLn_8c92mBVY68mM6L9snk3p-G1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:53 GMT
link
<https://securityaffairs.co/wordpress/wp-json/>; rel="https://api.w.org/", <https://securityaffairs.co/wordpress/wp-json/wp/v2/posts/137826>; rel="alternate"; type="application/json", <https://securityaffairs.co/wordpress/?p=137826>; rel=shortlink
server
Apache
x-pingback
https://securityaffairs.co/wordpress/xmlrpc.php

Redirect headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
7644c366bffd0a53-AMS
date
Thu, 03 Nov 2022 11:27:53 GMT
link
<https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email>; rel="canonical"
location
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-hs-https-only
worker
x-hubspot-correlation-id
bb4356fb-7e18-4d5a-a7f2-d46470fb0efd
x-robots-tag
none
style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/ 		101 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/css/dist/block-library/style.css?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6acaf1e28f06b9575940731ab904b18dde4d2bf52618c42fddb14d0d9b6c028c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Tue, 12 Jul 2022 21:45:23 GMT
server
Apache
accept-ranges
bytes
etag
"193c1-5e3a295f4b1f7"
content-length
103361
content-type
text/css
mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
server
Apache
accept-ranges
bytes
etag
"2bf8-5b61073acf500"
content-length
11256
content-type
text/css
wp-mediaelement.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/wp-mediaelement.css?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
Apache
accept-ranges
bytes
etag
"1360-597430d761a00"
content-length
4960
content-type
text/css
cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 26 Oct 2022 21:55:35 GMT
server
Apache
accept-ranges
bytes
etag
"c22-5ebf7159aca52"
content-length
3106
content-type
text/css
cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 26 Oct 2022 21:55:35 GMT
server
Apache
accept-ranges
bytes
etag
"6a71-5ebf7159aca52"
content-length
27249
content-type
text/css
ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ 		142 KB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=1666305205
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
27af6a936f27c245f807aef4673133e343b4d791c45ada798049d38a55e3634c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Thu, 20 Oct 2022 22:33:25 GMT
server
Apache
accept-ranges
bytes
etag
"23833-5eb7ee9e40fc3"
content-length
145459
content-type
text/css
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=8.3.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
860
age
1178942
cdn-cachedat
08/25/2022 04:42:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"04425bbdc6243fc6e54bf8984fe50330"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
44001e188336ca248d5459295c1ad757
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7644c36f38ecbb83-FRA
cdn-requestpullsuccess
True
custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
server
Apache
accept-ranges
bytes
etag
"4d92-52704407f72c0"
content-length
19858
content-type
text/css
tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		539 B
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
accept-ranges
bytes
etag
"21b-526fe6d7cd700"
content-length
539
content-type
text/css
flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
server
Apache
accept-ranges
bytes
etag
"1851-5270441180940"
content-length
6225
content-type
text/css
animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"6b4-526fe6d5e5280"
content-length
1716
content-type
text/css
font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"4574-526fe6d5e5280"
content-length
17780
content-type
text/css
swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
accept-ranges
bytes
etag
"118d-526fe6e527680"
content-length
4493
content-type
text/css
jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		334 B
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"14e-526fe6d5e5280"
content-length
334
content-type
text/css
screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		110 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
accept-ranges
bytes
etag
"1b844-526fe6d7cd700"
content-length
112708
content-type
text/css
custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/css; charset: UTF-8;charset=UTF-8
date
Thu, 03 Nov 2022 11:27:54 GMT
server
Apache
grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		49 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
server
Apache
accept-ranges
bytes
etag
"c5f2-526fe6d6d94c0"
content-length
50674
content-type
text/css
sharing.css
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=11.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
dda6ad33ac53197002b0e3c6c09f3714a6c79b73969d15666500689d8fc50d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Tue, 04 Oct 2022 21:50:57 GMT
server
Apache
accept-ranges
bytes
etag
"4991-5ea3c74811a26"
content-length
18833
content-type
text/css
social-logos.css
securityaffairs.co/wordpress/wp-content/plugins/jetpack/_inc/social-logos/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=11.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
4cdecc62f5b2c8e9f7cf7b14b9fd42e0c4787d912c1b71426cdfbe0144cede46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Tue, 04 Oct 2022 21:50:53 GMT
server
Apache
accept-ranges
bytes
etag
"312f-5ea3c74511173"
content-length
12591
content-type
text/css
jquery.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ 		282 KB
282 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=3.6.0
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Fri, 23 Jul 2021 22:11:53 GMT
server
Apache
accept-ranges
bytes
etag
"46758-5c7d1b0de3c40"
content-length
288600
content-type
application/javascript
jquery-migrate.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
server
Apache
accept-ranges
bytes
etag
"62d4-5b61073acf500"
content-length
25300
content-type
application/javascript
cookie-law-info-public.js
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 26 Oct 2022 21:55:35 GMT
server
Apache
accept-ranges
bytes
etag
"8583-5ebf7159ae992"
content-length
34179
content-type
application/javascript
medianetAdInjector.js
securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/ 		562 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Sat, 08 May 2021 23:27:41 GMT
server
Apache
accept-ranges
bytes
etag
"232-5c1d9e402b540"
content-length
562
content-type
application/javascript
st_insights.js
ws.sharethis.com/button/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare&ver=8.3.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ac00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a0dc45b07153920d06e669676d8d6a7592971683f1381aefc5c95b83dd62a2bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 00:40:09 GMT
content-encoding
gzip
via
1.1 117b54f007fbf40fc2a4bbbd8e88fc20.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
TXL52-C1
age
83573
x-cache
Hit from cloudfront
content-length
7903
server
nginx/1.20.1
etag
W/"634f185a-6a64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
_R4wYc9DsF7hXT27_5k0EgzHrnQbNwKiFc33hpglz-PzFLP-CpgWDw==
expires
Sat, 05 Nov 2022 12:15:01 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f581ebb13df469f5d292a2da3904398d2acbf9f5005794305d2ba7b14cf0211c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43601
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Nov 2022 11:27:55 GMT
dmedianet.js
contextual.media.net/ 		368 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1ee43b9f0b9d04dbb343045c231271c35c917319b8d0ac01ec9c0b5cfc8f24e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-mnt-h
21-j9fs
strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 11:27:55 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
content-length
368
expires
Thu, 03 Nov 2022 11:32:55 GMT
logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 17:30:42 GMT
server
Apache
accept-ranges
bytes
etag
"b0e9-5270743f5f480"
content-length
45289
content-type
image/png
headerbid.js
served-by.pixfuture.com/www/delivery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cacf3cc6bdad466ccf18c534caf82219ab9c43b30d007c4cbc9e80383761ff46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Fri, 30 Sep 2022 14:10:09 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"6336f8c1-74c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
1868
UK-Government.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/11/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/11/UK-Government.jpg?resize=300%2C187&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
996fd3686ff0e891b6ae5948d1b59dc477b908dd4b2d9f68bf175e39cf7470c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Oct 2022 19:43:40 GMT
server
nginx
etag
"f47bdae4eb313f2c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2015/11/UK-Government.jpg>; rel="canonical"
content-length
9554
expires
Wed, 30 Oct 2024 07:43:40 GMT
twemoji.js
securityaffairs.co/wordpress/wp-includes/js/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
f1f9eda417444f06ef060dd832d8821c84f081a98cdf62acfe981f5554c894dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 25 May 2022 22:59:02 GMT
server
Apache
accept-ranges
bytes
etag
"7e90-5dfde04f437ff"
content-length
32400
content-type
application/javascript
wp-emoji.js
securityaffairs.co/wordpress/wp-includes/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Tue, 31 Mar 2020 22:49:14 GMT
server
Apache
accept-ranges
bytes
etag
"231d-5a22e60748e80"
content-length
8989
content-type
application/javascript
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		830 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Jun 2020 20:34:29 GMT
server
nginx
etag
"509a053c355d6394"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length
830
expires
Sat, 11 Jun 2022 08:34:29 GMT
twitter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"fbafb4fa36d9fc66"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length
1082
expires
Sat, 05 Nov 2022 20:12:40 GMT
linkedin.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"8daaaf021369fdba"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length
1184
expires
Sat, 05 Nov 2022 20:12:40 GMT
tiktok-app.jpg
securityaffairs.co/wordpress/wp-content/uploads/2020/01/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2020/01/tiktok-app.jpg
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
18e85f0ffb42614435980499c2a34ae6b797eeb46188fe9bf2992826d1b4f832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Fri, 03 Jan 2020 15:23:56 GMT
server
Apache
accept-ranges
bytes
etag
"6dc1-59b3de5e73b00"
content-length
28097
content-type
image/jpeg
fortinet-logo.jpg
securityaffairs.co/wordpress/wp-content/uploads/2019/11/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2019/11/fortinet-logo.jpg
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1d46379abdd62b883f6bd28811ca322873ce95f0a87381b6f42919f8b77c7d58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Tue, 26 Nov 2019 00:22:59 GMT
server
Apache
accept-ranges
bytes
etag
"3e99-59834e1e29ec0"
content-length
16025
content-type
image/jpeg
image-12.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/10/image-12.png?resize=300%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
2554d9c9870bd40839683f0641c539d118db3a2dd2fce47a17656d296733775d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Oct 2022 18:34:48 GMT
server
nginx
etag
"08aedebbd7ac73ba"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2022/10/image-12.png>; rel="canonical"
content-length
22474
expires
Wed, 30 Oct 2024 06:34:48 GMT
photon.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Tue, 04 Oct 2022 21:50:56 GMT
server
Apache
accept-ranges
bytes
etag
"6e0-5ea3c747daf29"
content-length
1760
content-type
application/javascript
jquery.adrotate.clicktracker.js
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/ 		365 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Thu, 20 Oct 2022 05:23:06 GMT
server
Apache
accept-ranges
bytes
etag
"16d-5eb708528adb1"
content-length
365
content-type
application/javascript
ssba.js
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1666305206
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9b978821f78e7bd3a48e5ae8fd7121a291eec506579406745800ca0590f0907c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Thu, 20 Oct 2022 22:33:26 GMT
server
Apache
accept-ranges
bytes
etag
"7c3-5eb7ee9e54842"
content-length
1987
content-type
application/javascript
hint.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		987 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:54 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"3db-526fe6e433440"
content-length
987
content-type
application/javascript
jquery.tipsy.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"1113-526fe6e433440"
content-length
4371
content-type
application/javascript
jquery.easing.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"1fa1-526fe6e433440"
content-length
8097
content-type
application/javascript
browser.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
accept-ranges
bytes
etag
"a36-526fe6e33f200"
content-length
2614
content-type
application/javascript
jquery.flexslider-min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
server
Apache
accept-ranges
bytes
etag
"53ae-5270441274b80"
content-length
21422
content-type
application/javascript
waypoints.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
accept-ranges
bytes
etag
"1f6c-526fe6e527680"
content-length
8044
content-type
application/javascript
mediaelement-and-player.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/ 		69 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
server
Apache
accept-ranges
bytes
etag
"11571-5270441645480"
content-length
71025
content-type
application/javascript
jquery.swipebox.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"2a67-526fe6e433440"
content-length
10855
content-type
application/javascript
jquery.circliful.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"c18-526fe6e433440"
content-length
3096
content-type
application/javascript
jquery.smarticker.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"3225-526fe6e433440"
content-length
12837
content-type
application/javascript
custom.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
accept-ranges
bytes
etag
"31d4-526fe6e33f200"
content-length
12756
content-type
application/javascript
sharing.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=11.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
c09fa9679fb13cb821998f533f0f3b51a4a1756bbc05004aef91f8f217c54712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Tue, 04 Oct 2022 21:50:57 GMT
server
Apache
accept-ranges
bytes
etag
"45a7-5ea3c74811a26"
content-length
17831
content-type
application/javascript
e-202244.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202244.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn
date
Thu, 03 Nov 2022 11:27:55 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sat, 21 Oct 2023 06:38:30 GMT
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1667474875530.91201&hostname=securityaffairs.co&location=%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%20and%20Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&title=Liz%20Truss%20%27s%20phone%20was%20allegedly%20hacked%20by%20Russian%20spiesSecurity%20Affairs&sop=false&description=According%20to%20the%20Daily%20Mail%2C%20Former%20British%20Prime%20Minister%20Liz%20Truss%20%E2%80%98s%20personal%20phone%20was%20hacked%20by%20Russian%20spies.%20The%20personal%20mobile%20phone%20of%20British%20Prime%20Minister%20Liz%20Truss%20was%20hacked%20by%20cyber%20spies%20suspected%20of%20working%20for%20the%20Kremlin%2C%20the%20Daily%20Mail%20reported.%20According%20to%20the%20British%20tabloid%2C%20the%20cyber-spies%20are%20believed%20to%20have%20%5B%E2%80%A6%5D
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare&ver=8.3.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-244-112.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 11:27:55 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
gtm.js
www.googletagmanager.com/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f3bb12a0437547eed84bd6e877bc50f94f5acc0d34cf0cfcb7376e3999146dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39959
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Nov 2022 11:27:55 GMT
fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin
https://securityaffairs.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
server
Apache
accept-ranges
bytes
etag
"ad90-526fe6dc92240"
content-length
44432
content-type
application/font-woff
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Referer
Origin
https://securityaffairs.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 03 Nov 2022 11:27:55 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Thu, 03 Nov 2022 11:32:55 GMT
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"156244085faab7d3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
6414
expires
Sat, 05 Nov 2022 20:12:40 GMT
logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"312ff21e46f29f3d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7482
expires
Sat, 05 Nov 2022 20:12:40 GMT
newsletter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Dec 2020 07:29:12 GMT
server
nginx
etag
"a6fb49f7a00a0498"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
6336
expires
Thu, 15 Dec 2022 19:29:12 GMT
EU-Blog-e.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/06/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Jun 2022 21:28:00 GMT
server
nginx
etag
"89e5fea0740da8de"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length
13098
expires
Sat, 22 Jun 2024 09:28:00 GMT
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1667474875530.91201&hostname=securityaffairs.co&location=%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%20and%20Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&title=Liz%20Truss%20%27s%20phone%20was%20allegedly%20hacked%20by%20Russian%20spiesSecurity%20Affairs&sop=false&description=According%20to%20the%20Daily%20Mail%2C%20Former%20British%20Prime%20Minister%20Liz%20Truss%20%E2%80%98s%20personal%20phone%20was%20hacked%20by%20Russian%20spies.%20The%20personal%20mobile%20phone%20of%20British%20Prime%20Minister%20Liz%20Truss%20was%20hacked%20by%20cyber%20spies%20suspected%20of%20working%20for%20the%20Kremlin%2C%20the%20Daily%20Mail%20reported.%20According%20to%20the%20British%20tabloid%2C%20the%20cyber-spies%20are%20believed%20to%20have%20%5B%E2%80%A6%5D&description=According%20to%20the%20Daily%20Mail%2C%20Former%20British%20Prime%20Minister%20Liz%20Truss%20%E2%80%98s%20personal%20phone%20was%20hacked%20by%20Russian%20spies.%20The%20personal%20mobile%20phone%20of%20British%20Prime%20Minister%20Liz%20Truss%20was%20hacked%20by%20cyber%20spies%20suspected%20of%20working%20for%20the%20Kremlin%2C%20the%20Daily%20Mail%20reported.%20According%20to%20the%20British%20tabloid%2C%20the%20cyber-spies%20are%20believed%20to%20have%20%5B%E2%80%A6%5D&img_pview=true
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-244-112.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 11:27:55 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=29506073&post=137826&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=&fcp=0&rand=0.6804631298625035
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 03 Nov 2022 11:27:55 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
flping.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO4A4J48&gdpr=1&cid=8CU5BD6EW&crid=
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-200-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Thu, 03 Nov 2022 11:27:55 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=18708
Connection
keep-alive
Content-Length
15
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 03 Nov 2022 11:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
721
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 03 Nov 2022 13:15:54 GMT
js
www.googletagmanager.com/gtag/ 		176 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c559a796ad3e8b95667c1ea3206e641bb139345eb5a6f6f4effc42e4a1daea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66541
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Nov 2022 11:27:55 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6fbeec2a0ff3771cda013a0369ac47a2f15fb3d2513ae4ab82fbffc66b40317
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75885
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Nov 2022 11:27:55 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1232792283&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Liz%20Truss%20%27s%20phone%20was%20allegedly%20hacked%20by%20Russian%20spiesSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1269203097&gjid=998930802&cid=1783480724.1667474876&tid=UA-59069958-1&_gid=1323955502.1667474876&_r=1&gtm=2oub20&did=dZTNiMT&gdid=dZTNiMT&z=1386354787
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
339 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZWTX5HC4Z&gtm=2oeav0&_p=1232792283&gdid=dZTNiMT&cid=1783480724.1667474876&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667474875&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&dt=Liz%20Truss%20%27s%20phone%20was%20allegedly%20hacked%20by%20Russian%20spiesSecurity%20Affairs&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=2oeb20&_p=1232792283&cid=1783480724.1667474876&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667474875&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&dt=Liz%20Truss%20%27s%20phone%20was%20allegedly%20hacked%20by%20Russian%20spiesSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_v2.js
cdn.pixfuture.com/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a636a80f12103f3cafeca1018ddf9b05b8f5210e68fb298e41efe4d83f03aa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 31 Oct 2022 15:50:32 GMT
server
cloudflare
age
70599
etag
W/"635feec8-9020"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbSdAbJnBus7EWXjoTnSorcj5jhEhhHc4FlABkPRBd4urlLhHLoqRTCbD32wexeXkF1et3%2FhpRVlIBjYWfzNxXfp5bN4B70Gp%2BoC5BNi8O4oneR5RkREEmMApQhIH391WXcfLVts8rNS2g%2BBfJZa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=172800, no-transform
cf-ray
7644c37699f79bef-FRA
expires
Fri, 04 Nov 2022 15:51:15 GMT
pbix.js
cdn.pixfuture.com/ 		395 KB
396 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf927c4e61681bb6f40d5a1d2be968567eb720a667d6c259db51332884e06d91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:55 GMT
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 15 Sep 2022 14:24:21 GMT
server
cloudflare
age
159285
cf-polished
origSize=405747
etag
W/"63233595-630f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RkuGhfMWdYTJAQqyD%2BLliGrxYmc7tqt9OcVx1EGPchyCo56dhgOMQjAZm8OVWaCNNpBDWe2n%2Bil3p1N5qtfAjMUl5Mv%2FFEj6GTL6aUZo7r8KWHMWbi99C5Ii2jHu19CK4J23jnP1AqEt8WlsdAN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
cf-ray
7644c376ca8a9bef-FRA
expires
Thu, 03 Nov 2022 15:12:43 GMT
r.js
aa.agkn.com/adscores/ 		0
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.86.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		9 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24270x300x250x4142x_ADSLOT1&keywords=liz,truss,s,phone,was,allegedly,hacked,russian,spiessecurity,affairs&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9b0c86837c11f41f7e17114ef1171830127e96f5d9b4985bb88799dcc287a4cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		12 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24274x728x90x4142x_ADSLOT1&keywords=liz,truss,s,phone,was,allegedly,hacked,russian,spiessecurity,affairs&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c1865f590c6ba50088b02d680811e06d8b6959f06ce362ae05add4d5a624188e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		9 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=liz,truss,s,phone,was,allegedly,hacked,russian,spiessecurity,affairs&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
aee862d8258f21f543ed1af8e6aa992765b4ea0a2ec62ec752f1783986168544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		9 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=liz,truss,s,phone,was,allegedly,hacked,russian,spiessecurity,affairs&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
aee862d8258f21f543ed1af8e6aa992765b4ea0a2ec62ec752f1783986168544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
flping.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO4A4J48&gdpr=1&cid=8CU5BD6EW&crid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-200-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Thu, 03 Nov 2022 11:27:56 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=18707
Connection
keep-alive
Content-Length
15
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://securityaffairs.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 03 Nov 2022 11:27:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
686863
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=AGaup3xIWi9iRUhFTzZRRXZvMFc0TmlUbkFwNW5IWDNtMHBGY3U4WXZmNGhsQXFrc0lxMU1RSjJQREYvMTFCcEpON0M1bnRjSFc3VGpHSVR0R2dyZXFGVSsxdEtEemlwT3k1MXQ0bDBzQkhxbnFDdENUOHZJM1U2MFRJRz...
359 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=AGaup3xIWi9iRUhFTzZRRXZvMFc0TmlUbkFwNW5IWDNtMHBGY3U4WXZmNGhsQXFrc0lxMU1RSjJQREYvMTFCcEpON0M1bnRjSFc3VGpHSVR0R2dyZXFGVSsxdEtEemlwT3k1MXQ0bDBzQkhxbnFDdENUOHZJM1U2MFRJRzIyOUhZNTJaS1hNaXJia3pPcGFBSmgwUUV0cGJDZzkrejlaUnM2cWl0VDNmaklkUjRRdzdydVdSc1h5dlRVWStCNXdvUU1UQ1Q4VjFIZjRsR01YMmxPbTR5bmVRY1R0OGhmOEFub2ZiOXJ4dmVZVGFFTnRYUjF1ZmpTVVY1Sm9IVnJSNFpENFVyfA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0fdd431da934a4c1aba9662ee744d6b0cf46db8f7bd96ee422c9cf956d21e0c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1665209
expires
0

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=AGaup3xIWi9iRUhFTzZRRXZvMFc0TmlUbkFwNW5IWDNtMHBGY3U4WXZmNGhsQXFrc0lxMU1RSjJQREYvMTFCcEpON0M1bnRjSFc3VGpHSVR0R2dyZXFGVSsxdEtEemlwT3k1MXQ0bDBzQkhxbnFDdENUOHZJM1U2MFRJRzIyOUhZNTJaS1hNaXJia3pPcGFBSmgwUUV0cGJDZzkrejlaUnM2cWl0VDNmaklkUjRRdzdydVdSc1h5dlRVWStCNXdvUU1UQ1Q4VjFIZjRsR01YMmxPbTR5bmVRY1R0OGhmOEFub2ZiOXJ4dmVZVGFFTnRYUjF1ZmpTVVY1Sm9IVnJSNFpENFVyfA&cppv=2
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
660169
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
30c10e77fb5111948c15e36f5a51896e63da94fac26e843092b675052c78e480

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Nov 2022 11:27:56 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 03 Dec 2022 11:27:56 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
0
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
AN-X-Request-Uuid
3bb22279-74f8-4c9e-a23c-3852979f2ac9
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
AN-X-Request-Uuid
305d654a-288a-4143-a763-7c7c88c0a214
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578935%2C27578935&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
0
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
AN-X-Request-Uuid
92619607-ba39-46d5-9815-07c40c45a9c9
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
AN-X-Request-Uuid
16f96a5e-a694-4379-9ecb-4039e1a8d73e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
bbd718e2ca9790b13812906630296f094610efaff904255a35468663b3415ac8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=AGaup3xIWi9iRUhFTzZRRXZvMFc0TmlUbkFwNW5IWDNtMHBGY3U4WXZmNGhsQXFrc0lxMU1RSjJQREYvMTFCcEpON0M1bnRjSFc3VGpHSVR0R2dyZXFGVSsxdEtEemlwT3k1MXQ0bDBzQkhxbnFDdENUOHZJM1U2MFRJRzIyOUhZNTJaS1hNaXJia3pPcGFBSmgwUUV0cGJDZzkrejlaUnM2cWl0VDNmaklkUjRRdzdydVdSc1h5dlRVWStCNXdvUU1UQ1Q4VjFIZjRsR01YMmxPbTR5bmVRY1R0OGhmOEFub2ZiOXJ4dmVZVGFFTnRYUjF1ZmpTVVY1Sm9IVnJSNFpENFVyfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 03 Nov 2022 11:27:55 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
519885
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_sync
prebidserver.pixfuture.com/ 		523 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1209f3934925264933f0aa1e5ade0785c82278d5c9f7500823e287e006f9f79f

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
523
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		277 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
117432e6b3ece6dbda2daeff896af71cf5f3ccded5ba1855cec60feaf94adc2c

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
277
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6a2ccd1afa70321bf134629c4381925c33cb55597e6c7839be9f6c6118009930

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_pubcid.org=ac190537-8e16-4e91-b139-3cf4909d68e0%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=b7204938-cb5a-4fd1-9b47-3c388dc1b255&l_pb_bid_id=8569783d401614&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5782192972941742
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ca6eadda72b5d9978a6a3b5cbe629c42734b42f0e57d553c98e6bcf3bba4f70

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b7204938-cb5a-4fd1-9b47-3c388dc1b255&nocache=1667474876472&pubcid=ac190537-8e16-4e91-b139-3cf4909d68e0&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPWxpeix0cnVzcyxzLHBob25lLHdhcyxhbGxlZ2VkbHksaGFja2VkLHJ1c3NpYW4sc3BpZXNzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPWxpeix0cnVzcyxzLHBob25lLHdhcyxhbGxlZ2VkbHksaGFja2VkLHJ1c3NpYW4sc3BpZXNzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2c2970347a7b2d4a845e8795b2d81abe37c7f9930704cb2d393d6fe2998a2a48

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
trinity.json
apex.go.sonobi.com/ 		95 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2218faa7d0c47ac91%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&s=4a3d78b8-2688-4a23-a1de-695a1c780cbf&pv=8a6676cb-52c1-413f-be32-d04f40a37f72&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22ac190537-8e16-4e91-b139-3cf4909d68e0%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac190537-8e16-4e91-b139-3cf4909d68e0%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=liz%2Ctruss%2Cs%2Cphone%2Cwas%2Callegedly%2Chacked%2Crussian%2Cspiessecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
876dd5ebce523b9f343eb36b339cc086611c7a849648634e982a36d411b408fb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-106
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1667474876477&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.22.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-22-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
hb
ssc.33across.com/api/v1/ 		87 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5235c1b123fdcdf102d3835a834f7947b935de8703a084f8e2281ecbc8b0d02a

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		19 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
AN-X-Request-Uuid
f853da51-2af7-48b9-936d-beec799ad8ce
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a60cc329826c65370f55810f4b5db18ecf3320e109db34dcbe42fcb4c07b2f64

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 03 Nov 2022 11:27:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
529.json
id5-sync.com/g/v2/ 		216 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
262b7ef412f61ca156453cd239f2c8f5f050d69ead9f18aed386a8f9088e71ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://securityaffairs.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://securityaffairs.co
access-control-max-age
600
age
0
content-length
0
date
Thu, 03 Nov 2022 11:27:56 GMT
server
ATS/9.1.10.25
auction
prebidserver.pixfuture.com/openrtb2/ 		277 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
bc7d120c6cec8364c2d8541a626867fc24ad8287b27c58cdf8327cb4f3611f75

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
277
expires
0
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6ac204034b637dbf0d3b88948375ee84f5786fbedcd48cc3603b6aa25984d142

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
62c6fc4554f96a0ba7540d361180aec047061623c77ce71195055e20881555e9

Request headers

Referer
https://securityaffairs.co/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Nov 2022 11:27:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
content-length
66
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=2&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,dafbf3c5-5afa-4b26-9bce-17f5d1353ebc,,&eid_pubcid.org=ac190537-8e16-4e91-b139-3cf4909d68e0%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=47047ed1-7a7d-4c50-aefb-179892a98073&l_pb_bid_id=38e6e4bce2973bb&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3665284359655092
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8539166b40b40c29be7621dcd5897c8fde788f1889bf700103e0a804922a9a55

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		24 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ee7ce9b27518dc2dbcdc29b9ee2a11ad7a5017d6af39da4f592b8fd112366bbf

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 03 Nov 2022 11:27:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1667474876505&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.22.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-22-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=47047ed1-7a7d-4c50-aefb-179892a98073&nocache=1667474876506&pubcid=ac190537-8e16-4e91-b139-3cf4909d68e0&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2Cdafbf3c5-5afa-4b26-9bce-17f5d1353ebc%2C%2C&aus=728x90&divids=24274x728x90x4142x_ADSLOT1&aucs=&auid=540580842&tps=bXlrZXl3b3JkPWxpeix0cnVzcyxzLHBob25lLHdhcyxhbGxlZ2VkbHksaGFja2VkLHJ1c3NpYW4sc3BpZXNzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPWxpeix0cnVzcyxzLHBob25lLHdhcyxhbGxlZ2VkbHksaGFja2VkLHJ1c3NpYW4sc3BpZXNzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b50f88c4c9eac514aa30031cfcd757db369cc931e0d31cbeb236d1ef1e4e1170

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9cd0a470409ee86f474ccdcca22f9d3db2791cadff8301353e87cf3bc1d890ac

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		250 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3f6835ca22ab32fc6f76cbc41eb29d0475cd74f549004f7b34099b72b7fb0bb2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
AN-X-Request-Uuid
d74fd396-3b20-4e7d-853b-1833a0cf5578
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22532d9cd4fbd5dea%22%3A%22951d83dd852c9348161e%7C728x90%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&s=fcdd74ed-b2d1-4753-9fc4-ea48aa51375a&pv=8a6676cb-52c1-413f-be32-d04f40a37f72&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%22dafbf3c5-5afa-4b26-9bce-17f5d1353ebc%22%7D%5D%7D&userid=%7B%22pubcid%22%3A%22ac190537-8e16-4e91-b139-3cf4909d68e0%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac190537-8e16-4e91-b139-3cf4909d68e0%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=liz%2Ctruss%2Cs%2Cphone%2Cwas%2Callegedly%2Chacked%2Crussian%2Cspiessecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c95a5fe90dcc41cce3910db09c9b7d032702f62a4ac0038a840641d5ec0664b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-122
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://securityaffairs.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://securityaffairs.co
access-control-max-age
600
age
0
content-length
0
date
Thu, 03 Nov 2022 11:27:56 GMT
server
ATS/9.1.10.25
auction
prebidserver.pixfuture.com/openrtb2/ 		277 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b9aa64fbedf2b8c9d11b0127189b6cd286c2548134af0090e59f71b984e12091

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
277
expires
0
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:55 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,dafbf3c5-5afa-4b26-9bce-17f5d1353ebc,,&eid_pubcid.org=ac190537-8e16-4e91-b139-3cf4909d68e0%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=3240b490-c7cd-431c-b9b7-4792ab872d31&l_pb_bid_id=706a55cf92c53af&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5852954768172729
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
daba1111f671a31e5442c3aa61b99909d44cc8f6e7276cd1174b1c4851b280b6

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22729335e52e3554b%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&s=d876d5cd-0dbf-44af-b7eb-1791686ccd09&pv=8a6676cb-52c1-413f-be32-d04f40a37f72&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%22dafbf3c5-5afa-4b26-9bce-17f5d1353ebc%22%7D%5D%7D&userid=%7B%22pubcid%22%3A%22ac190537-8e16-4e91-b139-3cf4909d68e0%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac190537-8e16-4e91-b139-3cf4909d68e0%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=liz%2Ctruss%2Cs%2Cphone%2Cwas%2Callegedly%2Chacked%2Crussian%2Cspiessecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
54f92224a20be73141c20c90b4bca07070da53ba2e61beff0119978862334103
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-48
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
612527b9ac38ad50013cbb8b954bab01e8f9fa4e46132a44f9b43f83655ccfb3

Request headers

Referer
https://securityaffairs.co/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Nov 2022 11:27:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
content-length
66
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1667474876521&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.22.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-22-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
bid
ap.lijit.com/rtb/ 		24 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a594ede9ca8889ddfb007af69b98c0975f4d13c1cb53fcda8475d4f58b0ba4e8

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 03 Nov 2022 11:27:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
prebid.media.net/rtb/ 		1 KB
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3fa82e995f42dc27cb2a9a884c744e3aeabc2959c2411594650fe97edda9731f

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b9dd7017b745ffae598a05d4e36a957f4a7591b5819539f9b212049fde50df52

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		19 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
AN-X-Request-Uuid
32fc44cc-8cc3-4e69-812f-2dd6a9bc0af6
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
pixfuture2-d.openx.net/w/1.0/ 		72 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3240b490-c7cd-431c-b9b7-4792ab872d31&nocache=1667474876524&pubcid=ac190537-8e16-4e91-b139-3cf4909d68e0&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2Ca06ea698-deb7-49bc-b42c-8123452e1a64%2C%2C&aus=300x250&divids=24270x300x250x4142x_ADSLOT1&aucs=&auid=540580840&tps=bXlrZXl3b3JkPWxpeix0cnVzcyxzLHBob25lLHdhcyxhbGxlZ2VkbHksaGFja2VkLHJ1c3NpYW4sc3BpZXNzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPWxpeix0cnVzcyxzLHBob25lLHdhcyxhbGxlZ2VkbHksaGFja2VkLHJ1c3NpYW4sc3BpZXNzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9ac4660104e785f6692da2b1019cf7f71511305fe5cf941a51dac1de573dba0d

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebidserver.pixfuture.com/openrtb2/ 		276 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
4f5f06c5cba8b3f247e6e556e26ac209c53afdc0bd7638b332e5390aff634b55

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
276
expires
0
v1
btlr.sharethrough.com/universal/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1667474876533&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.22.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-22-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=14c7fd8a-63f1-4f7e-a93c-c50ddd2d7d90&nocache=1667474876533&pubcid=ac190537-8e16-4e91-b139-3cf4909d68e0&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2Ca06ea698-deb7-49bc-b42c-8123452e1a64%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPWxpeix0cnVzcyxzLHBob25lLHdhcyxhbGxlZ2VkbHksaGFja2VkLHJ1c3NpYW4sc3BpZXNzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPWxpeix0cnVzcyxzLHBob25lLHdhcyxhbGxlZ2VkbHksaGFja2VkLHJ1c3NpYW4sc3BpZXNzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
16bf8f28c3defc823c087c92250645243d9c3d61071e2b88b84dbb9d844589b7

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Thu, 03 Nov 2022 11:27:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e5b3603d79396d44ac1e4cb60efeb13884b680c305787b7cb558a9f16b769d0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
trinity.json
apex.go.sonobi.com/ 		96 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221041e70989a2ae2b%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&s=fdec247b-cdb2-4576-9a19-29e9e19c2d68&pv=8a6676cb-52c1-413f-be32-d04f40a37f72&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%22a06ea698-deb7-49bc-b42c-8123452e1a64%22%7D%5D%7D&userid=%7B%22pubcid%22%3A%22ac190537-8e16-4e91-b139-3cf4909d68e0%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac190537-8e16-4e91-b139-3cf4909d68e0%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=liz%2Ctruss%2Cs%2Cphone%2Cwas%2Callegedly%2Chacked%2Crussian%2Cspiessecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
4ffd1653a579e769b5b9279676881b482c4e12f4ad187cfc0474fa94ee8ef26f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-115
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,a06ea698-deb7-49bc-b42c-8123452e1a64,,&eid_pubcid.org=ac190537-8e16-4e91-b139-3cf4909d68e0%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=14c7fd8a-63f1-4f7e-a93c-c50ddd2d7d90&l_pb_bid_id=1069f5f5b8e1a0fc&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24398322752773982
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
006290bc1b10f888c629ad156a5c46d61323e7257dc071445f6b24bd6c9f8f81

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2334b044148c510137d0d2fda895defe5706dc7c54efc6d8b0dfda55247612e7

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Nov 2022 11:27:56 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		19 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:56 GMT
AN-X-Request-Uuid
3ef6a011-3f1c-4986-9fd1-d83f7987ebd9
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ 		25 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f68537c8547d39b666e8da118904675d62890741a9f8ef0f697141f94c60b407

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 03 Nov 2022 11:27:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
/
ads.us.e-planning.net/uspd/1/ Frame AB5B
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
13 B
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
13
content-type
text/html
date
Thu, 03 Nov 2022 11:27:56 GMT
server
openresty
x-sid
AMS-927

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Thu, 03 Nov 2022 11:27:56 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
/
onetag-sys.com/usync/ Frame A06D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BFCD 		123 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de27d9c8ff63c8f421018c16df4ea9443583e49e5cd45b0df7d504db86a37989
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40302
x-xss-protection
0
server
cafe
etag
877211046938471287
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 11:27:57 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:57 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 05 Nov 2022 11:27:57 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E234 		123 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40081
x-xss-protection
0
server
cafe
etag
11221908717617538349
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 11:27:57 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:57 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 05 Nov 2022 11:27:57 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ Frame BFCD 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0f3608113c9c8eb37fd7a34ea456f4cb3930bf0f4516f8ddf0e780bb160fec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119024
x-xss-protection
0
server
cafe
etag
16294517946134722913
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 11:27:57 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2347 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efbb19776ff06798b7cf30d1a747d245cf3c87d581e46e1ea4ea809f75afeeeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40306
x-xss-protection
0
server
cafe
etag
9724433611728951097
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 11:27:57 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:57 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 05 Nov 2022 11:27:57 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 16C0 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bc50bd82d15e19759cbc076faf930f341ec8954fc8c17420cc6700b7832f028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40306
x-xss-protection
0
server
cafe
etag
3261323171001818907
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 11:27:57 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:57 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 05 Nov 2022 11:27:57 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ Frame 2347 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070606
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3269b25be140bddaa351758aabc62ee34ee964d54329137e32afc111195ce6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119024
x-xss-protection
0
server
cafe
etag
12175774233896423630
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 11:27:57 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame BFCD 		403 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1d9a0f2b8706986187d9c0559332f9ba000d45d8b20fc5b041bec681b6f1ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame BFCD 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BFCD 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F8B4 		59 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3a9ac9b047c7761e3c32d767c5404a95b538d78084e94c837b83099e383ea16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
24822
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Thu, 03 Nov 2022 11:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/ Frame 16C0 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070607
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f12c5d9b738012d3b9f2e3e302e059886c9cdae11a4b569bd00b532846ef99f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119024
x-xss-protection
0
server
cafe
etag
13728674623066083972
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 11:27:57 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 2347 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 2347 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2347 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E08D 		59 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e603044e6aefdfdd2b0ffe01797c6cec7d9ab9105ea4001acaef7416d91c51a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
24981
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:57 GMT
expires
Thu, 03 Nov 2022 11:27:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 16C0 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 16C0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 16C0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9D16 		74 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d87463f94f4ab37d5b6fd8d4e7ce3232cdb1f2878b1af43bd920569b40d6ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
27928
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:57 GMT
expires
Thu, 03 Nov 2022 11:27:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
3224259884551816443
tpc.googlesyndication.com/simgad/ Frame E08D 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3224259884551816443?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlhzKYo2CizUx8hfVCyo_0sXmyG-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
705cd718e82faa718e51de13d598a9a602b571cea5286b3149526088dacfcfa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 08:25:38 GMT
x-content-type-options
nosniff
age
183739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23355
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 12:54:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Nov 2023 08:25:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame E08D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 10:37:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame E08D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:01:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 11:01:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame E08D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
74952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E08D 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 11:27:58 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame E08D 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 15:07:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
73205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13493
x-xss-protection
0
server
cafe
etag
7904785543377395088
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 15:07:52 GMT
6ab016790426e7d037bac2fbd741d34d.js
www.gstatic.com/mysidia/ Frame 9D16 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6ab016790426e7d037bac2fbd741d34d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:51:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4168
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 22:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Feb 2023 08:51:22 GMT
f811ceb9b4a6a990ad4105fc3f7ba433.js
www.gstatic.com/mysidia/ Frame 9D16 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 21:10:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7817
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 19:54:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 21:10:40 GMT
css
fonts.googleapis.com/ Frame 9D16 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 10:49:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 11:27:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 9D16 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 14:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
74261
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 14:50:17 GMT
d6c5bcf26e2f43f621526b11ea468107.js
www.gstatic.com/mysidia/ Frame 9D16 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d6c5bcf26e2f43f621526b11ea468107.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 21:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2008
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 19:54:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 21:15:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 9D16 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 10:37:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 9D16 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:01:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1594
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 11:01:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 9D16 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
74952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D16 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 11:27:58 GMT
0d3fd3b530a886383bd6b91513e5ed38.js
www.gstatic.com/mysidia/ Frame 9D16 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 20:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 19:54:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 20:18:51 GMT
checksync.php
contextual.media.net/ Frame D3D2 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9c1fe254149be535a86e3a46a634cf0b61e0bf4ef13753cead57a262bd8dea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8300
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:57 GMT
expires
Sat, 05 Nov 2022 11:27:57 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame CCF6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 03 Nov 2022 11:27:58 GMT
ETag
"623de86a-cf34"
Expires
Fri, 04 Nov 2022 11:28:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame E062 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
1863
CF-Cache-Status
HIT
CF-RAY
7644c383bb6c8fdc-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 03 Nov 2022 11:27:58 GMT
Expires
Thu, 03 Nov 2022 12:27:58 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
eFdVC5ME9w7heZqQq3vIA9nDLj8lyPtERWwWiUp8NE5UBeBpPEQob0tJ4Zjgi6FXxJVUYDWGYss=
x-amz-request-id
36Y7SPJBNDM635FH
pd
u.openx.net/w/1.0/ Frame 9ECF 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 03 Nov 2022 11:27:58 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame B05A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 03 Nov 2022 11:27:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1BE6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87260
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 04 Nov 2022 11:42:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 0722 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
354
CF-Cache-Status
HIT
CF-RAY
7644c383ced09b39-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 03 Nov 2022 11:27:58 GMT
Expires
Thu, 03 Nov 2022 12:27:58 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
pd
u.openx.net/w/1.0/ Frame 3015 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 03 Nov 2022 11:27:58 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
check.html
biddr.brealtime.com/ Frame 7C68 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
1863
CF-Cache-Status
HIT
CF-RAY
7644c383fa67bb79-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 03 Nov 2022 11:27:58 GMT
Expires
Thu, 03 Nov 2022 12:27:58 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
eFdVC5ME9w7heZqQq3vIA9nDLj8lyPtERWwWiUp8NE5UBeBpPEQob0tJ4Zjgi6FXxJVUYDWGYss=
x-amz-request-id
36Y7SPJBNDM635FH
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D3B0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87260
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 04 Nov 2022 11:42:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame C803 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9c1fe254149be535a86e3a46a634cf0b61e0bf4ef13753cead57a262bd8dea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8300
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:57 GMT
expires
Sat, 05 Nov 2022 11:27:57 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 62DC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 03 Nov 2022 11:27:58 GMT
ETag
"623de86a-cf34"
Expires
Fri, 04 Nov 2022 11:28:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame F5BD 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 03 Nov 2022 11:27:58 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 503B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 03 Nov 2022 11:27:58 GMT
ETag
"623de86a-cf34"
Expires
Fri, 04 Nov 2022 11:28:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6D26 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 03 Nov 2022 11:27:58 GMT
ETag
"623de86a-cf34"
Expires
Fri, 04 Nov 2022 11:28:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5621 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87260
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 04 Nov 2022 11:42:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame FEF4 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 03 Nov 2022 11:27:58 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 8276 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9c1fe254149be535a86e3a46a634cf0b61e0bf4ef13753cead57a262bd8dea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8300
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Sat, 05 Nov 2022 11:27:58 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame BB6A 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9c1fe254149be535a86e3a46a634cf0b61e0bf4ef13753cead57a262bd8dea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8300
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Sat, 05 Nov 2022 11:27:58 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
ssc-cms.33across.com/ps/ Frame 5F98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
server
33XP001
x-33x-status
2000208
check.html
biddr.brealtime.com/ Frame 2CE0 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
691
CF-Cache-Status
HIT
CF-RAY
7644c38408b0929f-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 03 Nov 2022 11:27:58 GMT
Expires
Thu, 03 Nov 2022 12:27:58 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
ozLLefD0knKZ2yMzZ7EA3qLK8cSPeKdEpQT28HMOVUE2s5XW77p+1QkMqhU1tUmLZbb1zAjl4MU=
x-amz-request-id
GNVBWB8PQV5H0AVC
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 43DE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=87260
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 04 Nov 2022 11:42:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 05 Nov 2022 11:27:58 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 596F 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:15:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E08D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5fbcadea89cd3009743469b8e9f35e28bc72b8c0125c4cf9f30fdeda356d49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/9454299416821633218/ Frame 9D16 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9454299416821633218/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5cd8b5b88a8bd9adee44697f352b6368c9767328283de109d27f7743e8757da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:48:24 GMT
x-content-type-options
nosniff
age
9574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3234
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 19:44:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Nov 2023 08:48:24 GMT
truncated
/ Frame 9D16 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
568c3b15dc30340ed4dc1de0167a8875e910ad0cd465b4dbfbc724eb2cebec32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 05 Nov 2022 11:27:58 GMT
7392451588984683216
tpc.googlesyndication.com/simgad/ Frame F8B4 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7392451588984683216?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnpaaDm5lVPnDa8YocOBFPrR7yRmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c157c1d8bd2a04781a514405fde0c20298d6ac178aa7ec24f83572bb326e8ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 12:58:50 GMT
x-content-type-options
nosniff
age
512948
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33590
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:22:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 28 Oct 2023 12:58:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame F8B4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
3000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 10:37:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame F8B4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:01:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1594
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Nov 2022 11:01:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame F8B4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 14:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
74953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 14:38:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F8B4 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667389194171289"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 11:27:58 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame F8B4 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 15:07:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
73206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13493
x-xss-protection
0
server
cafe
etag
7904785543377395088
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 15:07:52 GMT
usync.js
eus.rubiconproject.com/ Frame B05A 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
62db81777c2035dfb45fe032a8c60d09f8939b276a9f3088224a2116a684ad17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 11:27:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 21:42:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36793
Connection
keep-alive
Content-Length
9883
Expires
Thu, 03 Nov 2022 21:41:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D16 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgohCAEqHWJhbm5lclNtYWxsVGV4dEN0YVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRArIQAAAAAAAC5AMAQKDRADIQAAwMzMWIJAMAQKDRAKIQAAAKCZmSNAMAQKDRANIQAAAACYmbk_MAQKDBAeKgYzMjB4NTAwBAoMEBkqBjMyMHg1MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAAAzM7-CQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA9QDAECg0QBSEAAICZmcGCQDAEEhpDT25UX2Yzemtmc0NGZFFHVHdnZHJKd0FiQSIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CCF6 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:58 GMT
AN-X-Request-Uuid
36424988-3d4d-482b-8edd-4fc25be457cf
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 62DC 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:58 GMT
AN-X-Request-Uuid
529b4223-029d-4998-8520-3d47da80ce94
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6D26 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:58 GMT
AN-X-Request-Uuid
3290693e-3191-44f1-a846-6baa03a87251
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 503B 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:58 GMT
AN-X-Request-Uuid
01e94c93-fdac-4c97-9e42-8950c2ed601b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1BE6 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19895415&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0e31daab82a2b37b574ee24f5daaffdfdc559835e8c4d6a0c4f35acbaee9a2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 11:27:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 596F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Thu, 03 Nov 2022 11:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame CFB1 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:15:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F8B4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a95240e4f4062f778f1fd2934965b33f9a135c034e714046d2a2ca2119a92d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D16 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 20:22:20 GMT
x-content-type-options
nosniff
age
486338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 20:22:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D16 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options
nosniff
age
541109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 05:09:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D16 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:14:53 GMT
x-content-type-options
nosniff
age
511985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 13:14:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CFB1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Thu, 03 Nov 2022 11:27:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
setuid
px.ads.linkedin.com/ Frame B05A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA0ZHL8X-1N-LV72
0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA0ZHL8X-1N-LV72
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B4271E0194E84A1486EDF4D1F865DC58 Ref B: FRAEDGE1411 Ref C: 2022-11-03T11:27:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsjz/Si4Fs95x1ibNXcg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LA0ZHL8X-1N-LV72
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B05A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Qpn0frzaR8SM-Fq2eBd1VQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Qpn0frzaR8SM-Fq2eBd1VQ
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Qpn0frzaR8SM-Fq2eBd1VQ
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XQY3JBE98GWBPVFZS6JB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Qpn0frzaR8SM-Fq2eBd1VQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B05A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwWkhMOFgtMU4tTFY3Mg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwWkhMOFgtMU4tTFY3Mg==
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEwWkhMOFgtMU4tTFY3Mg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B05A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHfzzkf-KPhP8G-i5Fu39cA&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHfzzkf-KPhP8G-i5Fu39cA&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHfzzkf-KPhP8G-i5Fu39cA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame B05A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame B05A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=NTczYWI3MTU4M2Y3ODEwYmQ2MDJlY2RlNDllMDdhNmM5MDViNzZiYw&google_cm
  • https://pixel.rubiconproject.com/exchange/sync.php?p=ebda-test&google_gid=CAESEPBC0brCfrxGsJtt6WVwG1o&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=ebda-test&google_gid=CAESEPBC0brCfrxGsJtt6WVwG1o&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/exchange/sync.php?p=ebda-test&google_gid=CAESEPBC0brCfrxGsJtt6WVwG1o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B05A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QM7JvoKBSfSEmf0UwqZ6AA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QM7JvoKBSfSEmf0UwqZ6AA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QM7JvoKBSfSEmf0UwqZ6AA
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PM5XSZ1DG75H2F8YEM4N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QM7JvoKBSfSEmf0UwqZ6AA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 16C0 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ae15e8d04575bccc672b952f46ece7cc516cd81980a30aa751beb13ceea1f13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame B05A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/A269e2dqo-KbLZ2c8ffPsMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4608194136100957829
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4608194136100957829
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 03 Nov 2022 11:27:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4608194136100957829
content-length
0
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame 9E34 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877283&bpp=12&bdt=113&idt=110&shv=r20221101&mjsv=m202210270101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1860525998&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=847&biw=1600&bih=1200&isw=320&ish=50&ifk=2478587569&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070607%2C44775017&oid=2&pvsid=2401642991297692&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=31&ifi=1&uci=1.264z9rzb0ewg&fsb=1&xpc=UIwixy358m&p=https%3A//securityaffairs.co&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 10:38:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D16 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgohCAEqHWJhbm5lclNtYWxsVGV4dEN0YVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRAQIQAAAAAAkdtAMAQKDRARIQAAAADAMtNAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAYGZmMpBAMAQKDRAUIQAAAABAktdAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAgJmZ65FAMAQKDRAyIQAAAMDMzClAMAQKDRAzIQAAAMDMzClAMAQKDRA0IQAAAMDMzClAMAQKDRA1IQAAAMDMzClAMAQKDRA2IQAAAMDMzClAMAQKDRA3IQAAAMDMzClAMAQKDRA4IQAAAJiZmTtAMAQKDRA5IQAAADMz-3xAMAQKDRA6IQAAgMzMNH1AMAQKDRA7IQAAIDMzJ5BAMAQKDRA8IQAAIDMzJ5BAMAQKDRA9IQAAYGZmMpBAMAQKDRA-IQAAYGZmvpFAMAQKDRA_IQAAwMzMvpFAMAQKDRBAIQAAwMzMBpJAMAQSGkNPblRfZjN6a2ZzQ0ZkUUdUd2dkckp3QWJBIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2347 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16fb25d794737467d713b8168e15467136fab2ce57a8152d7fad6ff13e3cd9ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11231
x-xss-protection
0
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame AAE7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877204&bpp=15&bdt=90&idt=119&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&cookie=ID%3D23cdf20229e44ed6-2275006064ce0000%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g&gpic=UID%3D00000b7bd307aca5%3AT%3D1667474877%3ART%3D1667474877%3AS%3DALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg&correlator=250772974433&frm=21&ife=1&pv=1&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=617396266&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2092&biw=1600&bih=1200&isw=300&ish=250&ifk=3473468290&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070606%2C44775016&oid=2&pvsid=3863527223460745&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fcw8axg8hyes&btvi=1&fsb=1&xpc=xRgKxZCNG9&p=https%3A//securityaffairs.co&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 10:38:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 16C0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 11:27:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2347 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 11:27:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BFCD 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
669eb5b5fb6069575b83c89dc75b40905a087d7872b2d5bc16117aafb68b1133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11146
x-xss-protection
0
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame E848 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667474877&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137826%2Fintelligence%2Fliz-truss-phone-hacked.html%3Futm_campaign%3DNews%2520and%2520Insights%26utm_medium%3Demail%26_hsmi%3D65518746%26_hsenc%3Dp2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg%26utm_content%3D65531398%26utm_source%3Dhs_email&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667474877058&bpp=14&bdt=113&idt=170&shv=r20221101&mjsv=m202210260101&ptt=5&saldr=sa&correlator=250772974433&frm=21&ife=1&pv=2&ga_vid=1783480724.1667474876&ga_sid=1667474877&ga_hid=1817460055&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=2424939633&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44770881%2C44775016&oid=2&pvsid=1797376825089775&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ktcamn1q7tl8&fsb=1&xpc=b2yI4Yfxcj&p=https%3A//securityaffairs.co&dtd=210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 10:38:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BFCD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 11:27:58 GMT
match
c1.adform.net/serving/cookie/ Frame BE94
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1914410202436098911
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1914410202436098911
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1914410202436098911
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 8A25
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1&gdpr=0&gdpr_consent=
42 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 03 Nov 2022 11:27:59 GMT
Expires
Thu, 03 Nov 2022 11:27:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master hkg-pixel-x10 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame D911 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Thu, 03 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
578203
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5CC1 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=382834A1-A282-4EBD-87DE-DDA31788D509&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 03 Nov 2022 11:27:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
F3TQ6CW8KNQJBSKBVX6P
Pug
image2.pubmatic.com/AdServer/ Frame 85A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2165484231869203558&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2165484231869203558&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
5475e8cf-8bd4-413d-98ea-37fb5df400af
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Nov 2022 11:27:58 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2165484231869203558&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame EB85
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 65D0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7161750067938588824&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7161750067938588824&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 03 Nov 2022 11:27:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7161750067938588824&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
adx
match.prod.bidr.io/cookie-sync/ Frame C794
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLbkZVN0d4MHNBQUNDUHNkR05Vdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.231.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-231-82.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Thu, 03 Nov 2022 11:27:59 GMT
Server
gunicorn
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2BF7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pms0I_-CSMFB7H6PLhQww7Ki0Yc
42 B
267 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pms0I_-CSMFB7H6PLhQww7Ki0Yc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Nov 2022 11:27:59 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pms0I_-CSMFB7H6PLhQww7Ki0Yc
Pug
simage2.pubmatic.com/AdServer/ Frame 98C8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2OlvgAE3ocN0QAW&gdpr=0&gdpr_consent=&_test=Y2OlvgAE3ocN0QAW
1 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2OlvgAE3ocN0QAW&gdpr=0&gdpr_consent=&_test=Y2OlvgAE3ocN0QAW
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 03 Nov 2022 11:27:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2OlvgAE3ocN0QAW&gdpr=0&gdpr_consent=&_test=Y2OlvgAE3ocN0QAW
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230021-FRA
x-timer
S1667474879.009003,VS0,VE0
/
csync.loopme.me/ Frame F4B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
176.236.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame 2D48
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7644c38a4ed66921-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7644c388fc1a6921-FRA
content-type
text/html
date
Thu, 03 Nov 2022 11:27:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1551
pub
matching.truffle.bid/sync/ Frame CC82 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 03 Nov 2022 11:27:59 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b31966f5d28e9ac3/gdpr=0/ Frame C212
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b31966f5d28e9ac3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b31966f5d28e9ac3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhYbRUUMVQXSnRgjY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.121.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-121-57.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Thu, 03 Nov 2022 11:27:59 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.7.53

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b31966f5d28e9ac3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhYbRUUMVQXSnRgjY
cookiesync
core.iprom.net/ Frame 92ED 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 03 Nov 2022 11:27:58 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-dc81b48471b4@version_1.530v2
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame 5B56 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 03 Nov 2022 11:27:59 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-9
generic
match.adsrvr.org/track/cmf/ Frame 4463
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1667474878911
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1970562155
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1970562155
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 03 Nov 2022 11:27:58 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 03 Nov 2022 11:27:58 GMT
etag
RXffe97c070f5d41d688cbb3196cc711f1003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1970562155
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1BE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OCg0oaKCTr2H3t2jF4jVCQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=87260
accept-ranges
bytes
content-length
5549
expires
Fri, 04 Nov 2022 11:42:18 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97e96363-a5bf-4400-b8fc-12d38910136f
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97e96363-a5bf-4400-b8fc-12d38910136f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 03 Nov 2022 11:27:59 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97e96363-a5bf-4400-b8fc-12d38910136f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 03 Nov 2022 11:27:58 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1BE6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 03 Nov 2022 11:27:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzgyODM0QTEtQTI4Mi00RUJELTg3REUtRERBMzE3ODhENTA5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHEypul9LiEFeXHGuQ0qheU&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHEypul9LiEFeXHGuQ0qheU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHEypul9LiEFeXHGuQ0qheU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1BE6 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 02 Nov 2022 11:27:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3736669264297645271
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3736669264297645271
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3736669264297645271
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1BE6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f889234b-c19a-4131-8c63-77c706f918fa
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f889234b-c19a-4131-8c63-77c706f918fa
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9cf9b9b1-2ae8-4f1e-afc1-fa9e1097c326&user_group=1&ssp=pubmatic&bsw_param=f889234b-c19a-4131-8c63-77c706f918fa
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f889234b-c19a-4131-8c63-77c706f918fa&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f889234b-c19a-4131-8c63-77c706f918fa&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f889234b-c19a-4131-8c63-77c706f918fa&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 03 Nov 2022 11:27:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
382834A1-A282-4EBD-87DE-DDA31788D509
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1BE6 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/382834A1-A282-4EBD-87DE-DDA31788D509?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4b46:c66c:4b14:20a7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=382834A1-A282-4EBD-87DE-DDA31788D509&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ggGwx7xE2uW7GH63rmTa6a9CDzwHCSo-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ggGwx7xE2uW7GH63rmTa6a9CDzwHCSo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ggGwx7xE2uW7GH63rmTa6a9CDzwHCSo-~A&gdpr=0&gdpr_consent=
date
Thu, 03 Nov 2022 11:27:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1BE6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1BE6 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4214113906061359010&gdpr=0&gdpr_consent=&us_privacy=
1 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4214113906061359010&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4214113906061359010&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:535629bb-53dd-4632-8a29-fc1cec9fd86c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:535629bb-53dd-4632-8a29-fc1cec9fd86c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:535629bb-53dd-4632-8a29-fc1cec9fd86c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 03 Nov 2022 11:27:59 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 1BE6
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2165484231869203558
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2165484231869203558
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:27:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:59 GMT
AN-X-Request-Uuid
10463ae7-7caf-4628-b69c-6f44c437f268
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2165484231869203558
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA33 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:01:26 GMT
expires
Fri, 03 Nov 2023 11:01:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E5A5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1f1fccf9f68287326b24abc4c657ae25f017a985f934a50431ba20e9b4cb6e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jE8fEW9BRqaJSnLSBDEX1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-jE8fEW9BRqaJSnLSBDEX1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Thu, 03 Nov 2022 11:27:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C424 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:01:26 GMT
expires
Fri, 03 Nov 2023 11:01:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5E63 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
90fe07d635c5fe3416e31943e032507c7e60c01eec4f112519cd0ab0406c917a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dKV8Luk-1SuwnnAcuOeisQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-dKV8Luk-1SuwnnAcuOeisQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Thu, 03 Nov 2022 11:27:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E099 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:01:26 GMT
expires
Fri, 03 Nov 2023 11:01:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C331 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f98a1dfa5788bb78a1849f3ae7e7ee26938cbdd274329e2c88c694b9e0333756
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--cjkxJYAOlDDdOlPoVxaSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce--cjkxJYAOlDDdOlPoVxaSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 11:27:58 GMT
expires
Thu, 03 Nov 2022 11:27:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame FA33 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 10:38:00 GMT
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame C424 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 10:38:00 GMT
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame E099 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 10:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 10:38:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=1797376825089775&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E5A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=2401642991297692&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame C331 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=3863527223460745&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C424 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KISScw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame FA33 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XW0g4g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame E099 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jFF5-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
async_usersync
ib.adnxs.com/ Frame CCF6 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:59 GMT
AN-X-Request-Uuid
409f202a-6c45-4d77-abe4-c822cd5f13b7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 62DC 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:59 GMT
AN-X-Request-Uuid
b1bb7e24-75e2-4e40-b809-c0cc14d2a8e2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6D26 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:59 GMT
AN-X-Request-Uuid
2b70ce11-17a6-4108-b69a-3c23145dac1e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 503B 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Nov 2022 11:27:59 GMT
AN-X-Request-Uuid
590b6eec-79f1-498b-9949-99efa8ad6bb8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F8B4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOyM9ssFZeEhjSLp9N5VAxU0o6Nml2hNCrLckFngwckreKX-fqAvxMdiOjBWKULnVl2X3Hvpx_0WxhSETmdgLiDkxeZ0d3NfV-ffGrxKb0CjCSRBYFF3R-thMBafbq3h-3PGDtBg&sai=AMfl-YSu-VjiOCFKtY0K0TZUHNW2iqP2Nh58rEXbFtFya-PAvvhxOEn2KyazvM2MH5xQ3UpiIoQCZXS6YKudQkY&sig=Cg0ArKJSzG3OB4Jm_bKpEAE&cid=CAQSGwDq26N9kpTSPN3yYiexKYmELfaQp_10rZsbhRgBIA4&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1194620937&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667474877270&rpt=1264&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9D16 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssco89KzvIgfbc4f5W9O5_alOiWb0T9LXYmqs8y9l7r_uVgWc0huLk5eW78M85UV6JVo5GiXmMAVi5rPaABSrEgZuVWg7X1LiaceNg01qlwSnUg-klyl-1vbdrjZzXNLWNEOMvMVQ&sai=AMfl-YT0JGnUt-C6Uz1Q_lXzTHZ9oEy2pXuCaEbEvZwlG9ug0lEsQxAGarRQturvYGeRbXEtoGUU-sT7sUe-AnBjOjRBUwePd5LWzdco8hrukJs&sig=Cg0ArKJSzHI7zczPt5vUEAE&cid=CAQSLQDq26N9LPIZbN04_oRX49LQ2Ms_h9FV4Ks_CujjWC9tuuVl1gMcmBxvGcqMuBgBIA4&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=468307373&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667474877430&rpt=1148&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:27:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BFCD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=1797376825089775&bg=!EhGlEVXNAAZPh4lnb4c7ACkAdvg8WrV2uI-1Vq5J4OteXnk4HcR2LkC4eiJ-BH5CqI6pDaUiwfqbJwIAAADpUgAAAAJoAQeZAs6aV0vfNF-CHXRRiW60znn_4NMQopstBKlIUymVFfBDi6q9vKfSWxZyf0oxPcSSy8GFrMzdspwUtgNKkHY0O8iDOiH9doykTm7erajVuDbFwSQYn2HLFGq-fcTw8p5wrniUV-29NaaTYvWLyfh_gxDRKMkFfV4iNJT3eNyvp1bXeLh5Lu85jhe623J53Xqxzl3eA8SXYqBzMpiKQ7x0B5ZYGSvFeqyXNmi7xMQ3o0E5qESvy5RpR28NV7cxq24FsAhTbOJXZUaRa0J6MjwfumGxsfvM-sO_A3YQVWsHjqS4u_xCd-W3gj8l33vNwKF6uUwU_hiv1QOCTP2TctXX4YvumATGPTCpuQBy-wlMeEImyKcSQVuUTl9ufl7tychpwugZhyu6dNaS6EMDFC7RFSdn0UQzpIdSyb_08nOC098iPZ3Lr5nTa5aFOcZHJvwDi0LNntHhIDTmlzwZx4qMF65FxoFmxY_zLPOE3ZYxyndyGJo-0zonWuBl82141p2NyHUtA9RsZmteQaIoTaFv24T-0HY13lKDhcC8qz6ukRQvk9iEftQs8UF8vkioUrSpO4q10nSwPJbIt8hItEttWp9-xfIv5icXJDWC4aBs5d4x1kHRoDxVNDLD_saIryp9x1r2gZI2hLkFREOuwXNSWfBs0UTlCpNHq5-Q_Te6d-OpFgWT2JgkGL0tk4i1nTCa3U5GOUqNayiM7pWFvoCaoCUxPRLnvXAZ8-ybCBD6ZY-G1_7UfnmuM5PVFY0wg5o6eR5HY9LgQfkbjMQ1dBmgA3ciwGYIvKIv1z6-p1xxCvIjmfeuDQC0Fo8BRPaIKt6z-l7yaGTvZgVkAqWLto8BSZnoTpkOFq5KfaoU3YQ-b6XRWWNeZQ_kAELr8LulbN6ud7T_969Ru8VJA7xEaCx_yddVWO9lbnxRTyYVkIXKVf0ImYudN_Lk8Cfurju-oRyJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 16C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=2401642991297692&bg=!0tGl0ZXNAAZPh4lnb4c7ACkAdvg8WuLogjhiY2MhjUwWB3hd9um8r6B8bLs1lNSO-NUnBMNXtOTDkgIAAAERUgAAAAJoAQcKAINK-NS8UR-pedOg-pvzaRYGd4i6FrGkAUmqrg-owAud7D1o644IP2B8TE8Ug3cDOvvJT6aVy7y62M6wtOYVoVuKQSgP_IvzH-hFaNn-hvBeYogbTJrO5KjnDabqfvJvVbh3RDnHjWz4ipVDtnzv22yweFH6RwS1WSSSQzotwsj68OGCWpkCxOQfaIUs5OQXneRV_iuzbK0q19wgAsbKJ7PoHGCnKoUpZnk8h2GdQbcVgDJ2qMFSBEacGnlxhjkfKWK_CmWZBMGj0vubRFtGDWDK9FzS88pPSXJyMTB4I5_jXi6bpbVcTZiqrjstRC5s0-zW8MKD64mZUpZTlUQdl-TVtBqHkzdtKdxHVmfuPbNSeD2Idh6xMZz2vcfteCbsp6jAbQFtuASUgTWA32fwqQJ_geAFFf44Tj8J71BSpfOtgf31o4pQg_MJjpUqjce5SmBKtFgkhF4_-iWrfDbMysCnTmZ-Lh6uKAgraDkPx4rB6EtiEXXnIekmtaVQlwfrOmTOAyQccm8SsfM1XSSRL7iLoGK_M8i0bHdC7rM1591KGC_7GSGzsFYAqMxhQSGcVurbGWgZ8DRFhrpAmBzUzq0n2N5-i8V5Tl8DuTWJW-FOJawcdD6ZWIFY_mz7B-nbvxwN9MdsruKD7yqJ0CAdp7nKveYpeU9IXYVaWLAWjMB2mRlCsNDzbjRnR3fRkHuSc_P6n3qXqfR-AET3knARavQ_suUpRNwjurbwa4IZYzC-1IOICSo1yVoqSOCR9IzvizSiwyKCHAUAxzvcFfu1Z7604xgAyL9tP5bu0H714nM6MBfWwyxzPKdI7EvbyKpvjGMHrek-HVoF36ZynavmRAosP6KrkgJ3zjcSPA3rLRK8AogAuc2eogEQOx8lKM484vWmlL5ldHW7-pMZjuDV_qxpM6iSeaUR1RoKMrtMK6HNDP6kpPYh8uoGylSg3xIODeIaO6UgN_G3wupvP0LW5HKdGmanbaA5yHg9RGoZdYl7R7vSLGAqOfdorsg4Kpt46GilhEDAmnUjGyd4KNbIo3_xS6upWw3RkBKi1GedBgFqDYc1OwLAvcVeOaC679TbIOYWSLCIKbRQVYTt36tSjypU1NBNnjXYQNq6kw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2347 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=3863527223460745&bg=!8_Cl8LTNAAZPh4lnb4c7ACkAdvg8WqSUowZxjwNyHIYCx5Hm4N7vtE7pKLyty2zeoT_z2jPGth_iSQIAAAEEUgAAAANoAQcKAHmLxMW737eoe2vRo9ovuvGN2MykO41B6tufMZqq6ukXBogiHTd7kQXnI0sN5KRdXY3PBeTSoc0kyOIVIhxssEn3WKNB2t2p_XhuZ9DkkqVhhnvmNfLaPlihUjwZB9xFlCkX4X8_0MqIJzOk9_tAZRuS04lShOhjIkW3mQK4lxtvlSUPM_wRI6eSFSLuv2jIJT8_5pEJ0xfdP4kwazrHVreZ4RRGWGAhfcwHXLWEycUY4wKfSvrglgNefa2ePZDIakT2Q0dBLdD7Df9WGkr0UohYgTrPe9bVqC7R3-LFu9YYXlsofqmMaTngU250cn0ns637-lyTau0pm1Is_96bOKK1kFFs_rWM67qZOsKJc2uNKgcxHKf8cg3gvVSVTZ1pekhSPh-akouVR7S_c2Sw7p-BeUkqlfs0yjsP2h6UvHHoMhH9g66w6tvEaKzLY2PUs-cv7NFvQaVl3D1JW1mZYnSaSUqs4dGSwOV1JT9ZjlffbppcDs1Cr5TqU7AfY90GiYo4xLOti7UFdq-d5vdTt97TwSJQIQ41f-1eFxFF9NND3KGiDFKHeg6-d3eKGLIR6fQj4zjVIebemxk6vuX7wX0sOqe0xIIp-nlHSnigWd02a0Wcr9dh8sX3gzUI2L3XWianwraSKHS93687wFBQDxP9YiiYwit4PY-HFU2ynsA_lUGGt3Wd3BBy4SLN2NIKLXeO-LmkCm8d4E1SL9n8wdLMhb74tCmbO-zmnFvgg_bK08MfS8N1CItKEP23jt622J9BLJHsopN7CVwIgp4LIsxov7LKkZagTCI-HuwEiKvnZviQuIIOXma_OsGWK_eM73bMw_KG5tVe81RHIAolzeJV5q5dAq5LBehI2hCklpftpkSTS9nEKt6e3yBitfPmyQdmhGeEGTktTySeyQi6-eTLe10RGKCmwWa6nqgWJT-RFGnF5PV_7s0BmbODte3FnlZVbsl64UHCGMdP0iU1jLcLblWbpxvWwmXjZGW6eAaCvjeZruBWWWqQbCoAcb9u_cnni4C9Fs4YG3-ACooihWOAlYHmHP5bn2_G-cdPUMb4uAx5CSu1tzsbjyvTyMkkOm22bLTY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 1BE6 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:27:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame D3B0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13604764&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7c8adf90ae28e6bc68f59850fee5d074ea6e200735ee3b6ce5e1a428420427ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 03 Nov 2022 11:28:00 GMT
content-length
1634
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 5621 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64798944&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7c8adf90ae28e6bc68f59850fee5d074ea6e200735ee3b6ce5e1a428420427ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 03 Nov 2022 11:28:00 GMT
content-length
1634
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 43DE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70493749&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7c8adf90ae28e6bc68f59850fee5d074ea6e200735ee3b6ce5e1a428420427ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 03 Nov 2022 11:28:01 GMT
content-length
1634
content-type
text/html; charset=UTF-8
141
match.deepintent.com/usersync/ Frame 0E61 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 03 Nov 2022 11:28:00 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 4D16
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:27:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 03 Nov 2022 11:28:01 GMT
expires
Wed, 02 Nov 2022 11:28:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 5B61
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:28:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Nov 2022 11:28:01 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0eed724e77eae7a40@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Artemis
aud.pubmatic.com/AdServer/ Frame D3B0
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Thu, 03 Nov 2022 11:28:01 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame D3B0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:04 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:04 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D3B0 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=382834A1-A282-4EBD-87DE-DDA31788D509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:28:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7644c398b8249122-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame D3B0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=382834A1-A282-4EBD-87DE-DDA31788D509
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
18.210.87.63 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 11:28:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 03 Nov 2022 11:28:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
d1ba4609
rtb.gumgum.com/getuid/ Frame D3B0 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.93.115 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:01 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame D3B0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=edae1db3-6d5c-4e25-8cd1-1ebd8016b031&gdpr=0&gdpr_consent=
1 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=edae1db3-6d5c-4e25-8cd1-1ebd8016b031&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:28:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=edae1db3-6d5c-4e25-8cd1-1ebd8016b031&gdpr=0&gdpr_consent=
Date
Thu, 03 Nov 2022 11:28:01 GMT
Connection
keep-alive
X-CI-RTID
338f3520-6796-4d62-9008-48e226018f73
Content-Length
205
Content-Type
text/html; charset=utf-8
Artemis
aud.pubmatic.com/AdServer/ Frame 5621
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Thu, 03 Nov 2022 11:28:01 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 5621
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:04 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:04 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5621 		95 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=382834A1-A282-4EBD-87DE-DDA31788D509
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:28:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7644c398b8269122-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 5621
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=382834A1-A282-4EBD-87DE-DDA31788D509
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
18.210.87.63 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 11:28:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 03 Nov 2022 11:28:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 5621 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.93.115 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:01 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
141
match.deepintent.com/usersync/ Frame 530B 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 03 Nov 2022 11:28:01 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 1DD7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:27:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 03 Nov 2022 11:28:01 GMT
expires
Wed, 02 Nov 2022 11:28:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 5621
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0e5469df-9ecc-4aed-86c0-31b2c166f0fc&gdpr=0&gdpr_consent=
1 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0e5469df-9ecc-4aed-86c0-31b2c166f0fc&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:28:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0e5469df-9ecc-4aed-86c0-31b2c166f0fc&gdpr=0&gdpr_consent=
Date
Thu, 03 Nov 2022 11:28:01 GMT
Connection
keep-alive
X-CI-RTID
c60a7bc9-8491-46f6-8fee-1247c59e6ce1
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 89C0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:28:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Nov 2022 11:28:00 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:G2tbWFoM1OQyo95&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0cc766d172cabf844@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Artemis
aud.pubmatic.com/AdServer/ Frame 43DE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=382834A1-A282-4EBD-87DE-DDA31788D509&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Thu, 03 Nov 2022 11:28:01 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=382834A1-A282-4EBD-87DE-DDA31788D509&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 43DE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:04 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:04 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=382834A1-A282-4EBD-87DE-DDA31788D509&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 43DE 		95 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=382834A1-A282-4EBD-87DE-DDA31788D509
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:28:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7644c398b82a9122-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 43DE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=382834A1-A282-4EBD-87DE-DDA31788D509
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
18.210.87.63 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 11:28:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 03 Nov 2022 11:28:01 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 43DE 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.93.115 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 11:28:01 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
141
match.deepintent.com/usersync/ Frame 4713 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 03 Nov 2022 11:28:00 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 5591
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:28:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 03 Nov 2022 11:28:01 GMT
expires
Wed, 02 Nov 2022 11:28:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8D725F8BEB9A4636BAD24D25695B4657&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 43DE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=67ec9dcc-4f49-4435-adc4-7294d7860c0f&gdpr=0&gdpr_consent=
1 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=67ec9dcc-4f49-4435-adc4-7294d7860c0f&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 11:28:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=67ec9dcc-4f49-4435-adc4-7294d7860c0f&gdpr=0&gdpr_consent=
Date
Thu, 03 Nov 2022 11:28:01 GMT
Connection
keep-alive
X-CI-RTID
86fc7a1a-279a-429e-86a3-a71bdc02ef88
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 3F72
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Fq8eiQCH1OQyo95&gdpr=0&gdpr_consent=
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Fq8eiQCH1OQyo95&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 03 Nov 2022 11:28:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Nov 2022 11:28:01 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Fq8eiQCH1OQyo95&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=81cc3f1e67b6f0bd8d3898f302147301
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=81cc3f1e67b6f0bd8d3898f302147301
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=81cc3f1e67b6f0bd8d3898f302147301
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=81cc3f1e67b6f0bd8d3898f302147301
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| mnetCustomerData function| injectMnetScript object| _mNHandle string| medianet_versionId object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing function| gtag object| dataLayer object| WPCOM_sharing_counts object| click_object object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| _stq function| st_go function| linktracker_init object| wpcom object| _mN function| logFailoverPing object| twemoji object| wp object| google_tag_manager string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady string| pxft_clear_cache_flag undefined| pxft_first_init_activated object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture boolean| isPending string| prebid_file function| findCMP_PixFuture object| pbjs_pixChunk object| pbjs_pix object| _pbjsGlobals object| mnet object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

89 Cookies

Domain/Path Name / Value
.email.slcyber.io/ Name: __cf_bm
Value: LrcYVnXxVV1HNZDbUb8qTHagr2fwbfdJGJiGRiTLq3w-1667474873-0-Ab+XiO57C/3FDv67YtCm2lDwZ/EbFFf8pR3+oZmKF92ZcdyYfWnkNo9mWikmCTaRZxM8yf+z00/60VV4oZfikDA=
securityaffairs.co/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.co/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.co/ Name: _gid
Value: GA1.2.1323955502.1667474876
.securityaffairs.co/ Name: _gat_gtag_UA_59069958_1
Value: 1
.securityaffairs.co/ Name: _ga_8ZWTX5HC4Z
Value: GS1.1.1667474875.1.0.1667474875.0.0.0
.securityaffairs.co/ Name: _ga
Value: GA1.1.1783480724.1667474876
.securityaffairs.co/ Name: _ga_P62M3QN974
Value: GS1.1.1667474875.1.0.1667474875.0.0.0
.agkn.com/ Name: ab
Value: 0001%3AEU0Ybw1f%2BicSqvjEFblbjhVeHKF%2Fe%2FRk
securityaffairs.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.securityaffairs.co/ Name: _pubcid
Value: ac190537-8e16-4e91-b139-3cf4909d68e0
securityaffairs.co/ Name: _lr_retry_request
Value: true
securityaffairs.co/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Il`lB%S0!]tbP6j2F-XstGt!@DVU$e<Xc
.adnxs.com/ Name: uuid2
Value: 2165484231869203558
securityaffairs.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-03T11%3A27%3A56%22%7D
.rubiconproject.com/ Name: khaos
Value: LA0ZHL8X-1N-LV72
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1s1+do8irI5S+IXqvPVzt4X6LBWwGzep0JDp7MRhFcabXmKU1fdwtx5FGfGNePc3/th4iWCi6WjspbV3mhqimWXjmaZkH7bMyyqVI1k5poNA==
.securityaffairs.co/ Name: cto_bundle
Value: 1IMmb19FRlNVaFI0bFJ6Ulg3ajdBTTl0TmVoa1BwMEJhekNVbmk4UVZNVEJzUHc3NDZaa1R5azIzJTJCRmQlMkJkcTBUaWJhcWd0QXBXaUprbGFtTCUyRkExUVB5QXl4ZkFsMHV4YVZsQ2UlMkYzMGhLUkglMkZiZWJkdUdRZ0hld2ppUzVNbkx6cENPdEc
.securityaffairs.co/ Name: cto_bidid
Value: GmSz4F9QT29OWjk3enJuNEhVZ1dHeWQ0TXZobUUwV3p1ZWNwVHJDM3VxSmkwYWxuOTl2VzFneHhybTI1bGpqcTZEYXRsOSUyQkpwaDRrdWZBSzNEc2xPZmV4ZW93JTNEJTNE
ads.us.e-planning.net/ Name: CT
Value: 1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s8548|Y2Olv
.securityaffairs.co/ Name: __gads
Value: ID=23cdf20229e44ed6-2275006064ce0000:T=1667474877:RT=1667474877:S=ALNI_MZLCVG9HQv6ik6ZGSarA5zhHVrj8g
.securityaffairs.co/ Name: __gpi
Value: UID=00000b7bd307aca5:T=1667474877:RT=1667474877:S=ALNI_MZPrY8bbeG2XkBgaQnTy9LESUPnYg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlUZtBFc65ZeEEcmif1NoR9sj-B0m_BoNOd9aawkDnnomULsIkxbodBgaV8uOs
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 382834A1-A282-4EBD-87DE-DDA31788D509
.yahoo.com/ Name: A3
Value: d=AQABBL6lY2MCENsm0NrINsvIIyatgnU11E8FEgEBAQH3ZGNtYwAAAAAA_eMAAA&S=AQAAAjSf2T45ffBXL5Iklqv1HiA
.quantserve.com/ Name: d
Value: ENkBCwG-J_ijAA
.quantserve.com/ Name: mc
Value: 6363a5be-d33ab-48577-df155
.adform.net/ Name: C
Value: 1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&23572209-25c0-425a-81a4-edc56e4338a4"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njc0NzQ4Nzg7MjswMjFJ8y1yOpmLx7LNcqXxL3SInJ1DPnG6buS1Qbz5uFQsGg==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2410:u=1:x=1:i=1667474878:t=1667561278:v=2:sig=AQGDozC43T7DRD0AmfFM7gso-Vq6gjQS"
.simpli.fi/ Name: suid
Value: 8D725F8BEB9A4636BAD24D25695B4657
.turn.com/ Name: uid
Value: 4214113906061359010
.adfarm1.adition.com/ Name: UserID1
Value: 7161750067938588824
.adform.net/ Name: uid
Value: 3736669264297645271
.de17a.com/ Name: guid
Value: 1.1914410202436098911
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ffe97c07-0f5d-41d6-88cb-b3196cc711f1-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~282z
.bidswitch.net/ Name: tuuid
Value: f889234b-c19a-4131-8c63-77c706f918fa
.bidswitch.net/ Name: c
Value: 1667474878
.bidswitch.net/ Name: tuuid_lu
Value: 1667474878
.onaudience.com/ Name: done_redirects104
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y2OlvgAE3ocN0QAW
.bidr.io/ Name: bito
Value: AAKnFU7Gx0sAACCPsdGNUw
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.playground.xyz/ Name: connect.sid
Value: s%3AuwAu_fQKexPZSPK70FNrDR2gaHUJfUXj.9WiLRwJYTheuIvxANjda4LonoENQOX9k57dwE1LQxbQ
.amazon-adsystem.com/ Name: ad-id
Value: A2qYjJ8VSU9usOjZoa6otsA
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1914410202436098911
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v&KRTB&19420-4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v&KRTB&22979-4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v&KRTB&23403-4pN4RbWVLBP5xH1FtcJjQuyVeUH5xChH4ZXjL09v
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2165484231869203558&KRTB&23339-2165484231869203558
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHEypul9LiEFeXHGuQ0qheU&KRTB&16514-CAESEHEypul9LiEFeXHGuQ0qheU&KRTB&23025-CAESEHEypul9LiEFeXHGuQ0qheU&KRTB&23386-CAESEHEypul9LiEFeXHGuQ0qheU
.onaudience.com/ Name: cookie
Value: 16f914d515ac92e6
.onaudience.com/ Name: done_redirects147
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a66b3423-ff82-48c1-41ec-7e8f2e1430c3.5gmLqiRqU2ErDJkhyT460wIo%2FCxpgs3hy4fEXODnpTo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Apms0I_-CSMFB7H6PLhQww7Ki0Yc.ENYVU1IMm9J7xXWSDLWNr7Dp2HJu1h77FtagcXvINSA
.tribalfusion.com/ Name: ANON_ID
Value: annsIHoZdUQcR2Hp9vcg7JLejajALryJHDtWbAx8DGujGZaL0yymYZcbQ7DS8BfCgoPmBh8mK1q3iba3ItGfFULgBW8
pool.admedo.com/ Name: tuuid
Value: 9cf9b9b1-2ae8-4f1e-afc1-fa9e1097c326
pool.admedo.com/ Name: c
Value: 1667474879
pool.admedo.com/ Name: tuuid_lu
Value: 1667474879
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-pms0I_-CSMFB7H6PLhQww7Ki0Yc&KRTB&23334-pms0I_-CSMFB7H6PLhQww7Ki0Yc&KRTB&23417-pms0I_-CSMFB7H6PLhQww7Ki0Yc
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7161750067938588824&KRTB&23369-7161750067938588824
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y2OlvgAE3ocN0QAW&KRTB&22978-Y2OlvgAE3ocN0QAW&KRTB&23194-Y2OlvgAE3ocN0QAW&KRTB&23209-Y2OlvgAE3ocN0QAW
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3736669264297645271&KRTB&23263-3736669264297645271
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4214113906061359010&KRTB&23150-4214113906061359010
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f889234b-c19a-4131-8c63-77c706f918fa
.adsby.bidtheatre.com/ Name: __kuid
Value: 535629bb-53dd-4632-8a29-fc1cec9fd86c.436688879
.mathtag.com/ Name: uuid
Value: 763a6363-a5bf-4b00-95ac-23ebcdcf6ab1
.pubmatic.com/ Name: SPugT
Value: 1667474879
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1&KRTB&16736-uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1&KRTB&23019-uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1&KRTB&23208-uid:763a6363-a5bf-4b00-95ac-23ebcdcf6ab1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158127:4
.pubmatic.com/ Name: DPSync3
Value: 1667520000%3A174%7C1668643200%3A221_226_227_235_201_197_219
.pubmatic.com/ Name: SyncRTB3
Value: 1668643200%3A243_88_22_189_204_166_54_8_21_55_13_231_165_238_234_233_176_104_71_5_3_251_81_99_161_220_7_56%7C1668038400%3A15_223_2%7C1670025600%3A203%7C1672617600%3A69%7C1668297600%3A63%7C1668729600%3A35
.zeotap.com/ Name: zc
Value: c94a5556-08f0-49fe-63e4-6a6886174856
.w55c.net/ Name: matchpubmatic
Value: 5
.w55c.net/ Name: wfivefivec
Value: Fq8eiQCH1OQyo95
.fiftyt.com/ Name: cs
Value: MTY2NzQ3NDg4MXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fOIo_qffgVobhzmtYpsCb3k5TyNvcpKfRA2MQNgLkriI
.fiftyt.com/ Name: fifid
Value: 416619d0-c21c-4915-5c08-4cd3c027326a
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:Fq8eiQCH1OQyo95&KRTB&23421-uid:Fq8eiQCH1OQyo95
.pubmatic.com/ Name: PugT
Value: 1667474880
.fiftyt.com/ Name: fppm
Value: 20221103112801
.semasio.net/ Name: SEUNCY
Value: EFB1EA1960703AE

7 Console Messages

Source Level URL
Text
security error URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email(Line 392)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=81cc3f1e67b6f0bd8d3898f302147301'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email(Line 393)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=81cc3f1e67b6f0bd8d3898f302147301'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email(Line 394)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=81cc3f1e67b6f0bd8d3898f302147301'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email(Line 395)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=81cc3f1e67b6f0bd8d3898f302147301'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://securityaffairs.co/wordpress/137826/intelligence/liz-truss-phone-hacked.html?utm_campaign=News%20and%20Insights&utm_medium=email&_hsmi=65518746&_hsenc=p2ANqtz-_prf0Lb2uz1d4Xh4I7yI-wVo5ZKh-UCU4GLkZJybKf3vxUzc5wc4L0KaOz1tx3RZuDJu3t5Y-Qgi6vyX6P5FezzsE4zg&utm_content=65531398&utm_source=hs_email
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://securityaffairs.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b31966f5d28e9ac3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhYbRUUMVQXSnRgjY
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
aud.pubmatic.com
biddr.brealtime.com
btlr.sharethrough.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.pixfuture.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
email.slcyber.io
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i0.wp.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
l.sharethis.com
lb.eu-1-id5-sync.com
lg3.media.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
maxcdn.bootstrapcdn.com
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.wp.com
pixfuture2-d.openx.net
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.media.net
prebidserver.pixfuture.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
secure.adnxs.com
secure.gravatar.com
securityaffairs.co
served-by.pixfuture.com
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
ws.sharethis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
api.rlcdn.com
fonts.googleapis.com
103.229.206.241
104.17.120.107
137.184.242.150
141.94.171.212
141.95.171.139
142.250.184.194
151.101.130.49
162.19.138.116
162.19.138.83
173.231.178.117
178.250.2.146
178.250.2.151
178.62.202.251
18.156.195.47
18.158.86.169
18.210.87.63
185.172.90.251
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.78
192.0.76.3
192.0.77.2
195.5.165.20
198.47.127.20
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:8d8:100f:f000::289
213.155.156.164
213.19.147.44
216.52.2.48
23.203.77.3
2600:9000:20e8:ac00:3:c04e:c780:93a1
2602:803:c004:200::141
2606:2c40::c73c:6702
2606:4700:10::6816:1957
2606:4700:20::ac43:4471
2606:4700::6812:18ad
2606:4700::6812:acf
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:800::2008
2a00:1450:4001:802::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:fa8:8806:16::1400
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3605:4b46:c66c:4b14:20a7
3.123.150.182
3.126.56.137
3.64.28.4
34.102.253.54
34.107.148.139
34.149.20.76
34.237.81.207
34.98.64.218
35.201.96.126
35.204.74.118
35.210.53.219
35.214.236.176
35.71.131.137
37.157.6.253
37.252.171.22
37.252.173.27
38.91.45.7
5.161.54.172
50.17.236.145
51.222.80.231
51.89.9.254
52.28.22.239
52.29.244.112
52.30.93.115
52.46.130.91
52.95.125.22
54.217.231.82
54.76.86.77
66.155.71.149
67.202.105.23
68.183.31.14
69.166.1.14
69.173.144.138
69.173.144.139
77.243.60.138
81.17.55.161
85.114.159.93
88.221.168.189
88.221.168.201
88.221.168.23
95.101.200.23
99.80.121.57
006290bc1b10f888c629ad156a5c46d61323e7257dc071445f6b24bd6c9f8f81
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0e31daab82a2b37b574ee24f5daaffdfdc559835e8c4d6a0c4f35acbaee9a2c0
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0e5b3603d79396d44ac1e4cb60efeb13884b680c305787b7cb558a9f16b769d0
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
0fdd431da934a4c1aba9662ee744d6b0cf46db8f7bd96ee422c9cf956d21e0c9
117432e6b3ece6dbda2daeff896af71cf5f3ccded5ba1855cec60feaf94adc2c
1209f3934925264933f0aa1e5ade0785c82278d5c9f7500823e287e006f9f79f
13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
16bf8f28c3defc823c087c92250645243d9c3d61071e2b88b84dbb9d844589b7
16fb25d794737467d713b8168e15467136fab2ce57a8152d7fad6ff13e3cd9ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
18e85f0ffb42614435980499c2a34ae6b797eeb46188fe9bf2992826d1b4f832
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1bc50bd82d15e19759cbc076faf930f341ec8954fc8c17420cc6700b7832f028
1ca6eadda72b5d9978a6a3b5cbe629c42734b42f0e57d553c98e6bcf3bba4f70
1d46379abdd62b883f6bd28811ca322873ce95f0a87381b6f42919f8b77c7d58
1ee43b9f0b9d04dbb343045c231271c35c917319b8d0ac01ec9c0b5cfc8f24e6
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
2334b044148c510137d0d2fda895defe5706dc7c54efc6d8b0dfda55247612e7
2554d9c9870bd40839683f0641c539d118db3a2dd2fce47a17656d296733775d
262b7ef412f61ca156453cd239f2c8f5f050d69ead9f18aed386a8f9088e71ff
27af6a936f27c245f807aef4673133e343b4d791c45ada798049d38a55e3634c
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c2970347a7b2d4a845e8795b2d81abe37c7f9930704cb2d393d6fe2998a2a48
2c559a796ad3e8b95667c1ea3206e641bb139345eb5a6f6f4effc42e4a1daea7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30c10e77fb5111948c15e36f5a51896e63da94fac26e843092b675052c78e480
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3269b25be140bddaa351758aabc62ee34ee964d54329137e32afc111195ce6c5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6835ca22ab32fc6f76cbc41eb29d0475cd74f549004f7b34099b72b7fb0bb2
3fa82e995f42dc27cb2a9a884c744e3aeabc2959c2411594650fe97edda9731f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
4cdecc62f5b2c8e9f7cf7b14b9fd42e0c4787d912c1b71426cdfbe0144cede46
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5f06c5cba8b3f247e6e556e26ac209c53afdc0bd7638b332e5390aff634b55
4ffd1653a579e769b5b9279676881b482c4e12f4ad187cfc0474fa94ee8ef26f
5235c1b123fdcdf102d3835a834f7947b935de8703a084f8e2281ecbc8b0d02a
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54f92224a20be73141c20c90b4bca07070da53ba2e61beff0119978862334103
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568c3b15dc30340ed4dc1de0167a8875e910ad0cd465b4dbfbc724eb2cebec32
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
612527b9ac38ad50013cbb8b954bab01e8f9fa4e46132a44f9b43f83655ccfb3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c6fc4554f96a0ba7540d361180aec047061623c77ce71195055e20881555e9
62db81777c2035dfb45fe032a8c60d09f8939b276a9f3088224a2116a684ad17
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
669eb5b5fb6069575b83c89dc75b40905a087d7872b2d5bc16117aafb68b1133
6a2ccd1afa70321bf134629c4381925c33cb55597e6c7839be9f6c6118009930
6a636a80f12103f3cafeca1018ddf9b05b8f5210e68fb298e41efe4d83f03aa5
6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca
6ac204034b637dbf0d3b88948375ee84f5786fbedcd48cc3603b6aa25984d142
6acaf1e28f06b9575940731ab904b18dde4d2bf52618c42fddb14d0d9b6c028c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae15e8d04575bccc672b952f46ece7cc516cd81980a30aa751beb13ceea1f13
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
6f12c5d9b738012d3b9f2e3e302e059886c9cdae11a4b569bd00b532846ef99f
705cd718e82faa718e51de13d598a9a602b571cea5286b3149526088dacfcfa8
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
7c8adf90ae28e6bc68f59850fee5d074ea6e200735ee3b6ce5e1a428420427ad
7d87463f94f4ab37d5b6fd8d4e7ce3232cdb1f2878b1af43bd920569b40d6ac6
7e603044e6aefdfdd2b0ffe01797c6cec7d9ab9105ea4001acaef7416d91c51a
805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8539166b40b40c29be7621dcd5897c8fde788f1889bf700103e0a804922a9a55
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
876dd5ebce523b9f343eb36b339cc086611c7a849648634e982a36d411b408fb
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
90fe07d635c5fe3416e31943e032507c7e60c01eec4f112519cd0ab0406c917a
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
996fd3686ff0e891b6ae5948d1b59dc477b908dd4b2d9f68bf175e39cf7470c5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9a95240e4f4062f778f1fd2934965b33f9a135c034e714046d2a2ca2119a92d9
9ac4660104e785f6692da2b1019cf7f71511305fe5cf941a51dac1de573dba0d
9b0c86837c11f41f7e17114ef1171830127e96f5d9b4985bb88799dcc287a4cb
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9b978821f78e7bd3a48e5ae8fd7121a291eec506579406745800ca0590f0907c
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
9cd0a470409ee86f474ccdcca22f9d3db2791cadff8301353e87cf3bc1d890ac
9e5061f8f48d0cf9e31dae1629f54343394020c0c986df6fcee03ebd7af7b212
9f3bb12a0437547eed84bd6e877bc50f94f5acc0d34cf0cfcb7376e3999146dd
a0dc45b07153920d06e669676d8d6a7592971683f1381aefc5c95b83dd62a2bf
a0f3608113c9c8eb37fd7a34ea456f4cb3930bf0f4516f8ddf0e780bb160fec5
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a594ede9ca8889ddfb007af69b98c0975f4d13c1cb53fcda8475d4f58b0ba4e8
a5fbcadea89cd3009743469b8e9f35e28bc72b8c0125c4cf9f30fdeda356d49c
a60cc329826c65370f55810f4b5db18ecf3320e109db34dcbe42fcb4c07b2f64
aee862d8258f21f543ed1af8e6aa992765b4ea0a2ec62ec752f1783986168544
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b50f88c4c9eac514aa30031cfcd757db369cc931e0d31cbeb236d1ef1e4e1170
b5cd8b5b88a8bd9adee44697f352b6368c9767328283de109d27f7743e8757da
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6fbeec2a0ff3771cda013a0369ac47a2f15fb3d2513ae4ab82fbffc66b40317
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
b9aa64fbedf2b8c9d11b0127189b6cd286c2548134af0090e59f71b984e12091
b9dd7017b745ffae598a05d4e36a957f4a7591b5819539f9b212049fde50df52
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
bbd718e2ca9790b13812906630296f094610efaff904255a35468663b3415ac8
bc7d120c6cec8364c2d8541a626867fc24ad8287b27c58cdf8327cb4f3611f75
bf927c4e61681bb6f40d5a1d2be968567eb720a667d6c259db51332884e06d91
c09fa9679fb13cb821998f533f0f3b51a4a1756bbc05004aef91f8f217c54712
c157c1d8bd2a04781a514405fde0c20298d6ac178aa7ec24f83572bb326e8ee6
c1865f590c6ba50088b02d680811e06d8b6959f06ce362ae05add4d5a624188e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a9ac9b047c7761e3c32d767c5404a95b538d78084e94c837b83099e383ea16
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c95a5fe90dcc41cce3910db09c9b7d032702f62a4ac0038a840641d5ec0664b6
cacf3cc6bdad466ccf18c534caf82219ab9c43b30d007c4cbc9e80383761ff46
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
daba1111f671a31e5442c3aa61b99909d44cc8f6e7276cd1174b1c4851b280b6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dda6ad33ac53197002b0e3c6c09f3714a6c79b73969d15666500689d8fc50d3c
de27d9c8ff63c8f421018c16df4ea9443583e49e5cd45b0df7d504db86a37989
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1d9a0f2b8706986187d9c0559332f9ba000d45d8b20fc5b041bec681b6f1ad7
e1f1fccf9f68287326b24abc4c657ae25f017a985f934a50431ba20e9b4cb6e2
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
e9c1fe254149be535a86e3a46a634cf0b61e0bf4ef13753cead57a262bd8dea9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee7ce9b27518dc2dbcdc29b9ee2a11ad7a5017d6af39da4f592b8fd112366bbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbb19776ff06798b7cf30d1a747d245cf3c87d581e46e1ea4ea809f75afeeeb
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f1f9eda417444f06ef060dd832d8821c84f081a98cdf62acfe981f5554c894dc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f581ebb13df469f5d292a2da3904398d2acbf9f5005794305d2ba7b14cf0211c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68537c8547d39b666e8da118904675d62890741a9f8ef0f697141f94c60b407
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f98a1dfa5788bb78a1849f3ae7e7ee26938cbdd274329e2c88c694b9e0333756
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4