urlscan.io logo urlscan.io
SecurityTrails logo

securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/8mDe7hFNmE
Effective URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium...
Submission: On August 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 12 countries across 78 domains to perform 342 HTTP transactions. The main IP is 2001:8d8:100f:f000::289, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is securityaffairs.co. The Cisco Umbrella rank of the primary domain is 329195.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on March 24th 2022. Valid for: a year.
This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
44 2001:8d8:100f... 8560 (IONOS-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 99.86.4.127 16509 (AMAZON-02)
5 184.51.8.30 16625 (AKAMAI-AS)
13 68.183.31.14 14061 (DIGITALOC...)
10 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
3 3.127.240.71 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 23.35.228.23 16625 (AKAMAI-AS)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.250.36.127 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
3 18 37.252.172.249 29990 (ASN-APPNEX)
2 178.250.2.146 44788 (ASN-CRITE...)
2 141.95.98.64 16276 (OVH)
3 15.197.193.217 16509 (AMAZON-02)
6 137.184.242.150 14061 (DIGITALOC...)
4 185.86.138.32 201081 (SMARTADSE...)
3 3.123.47.246 16509 (AMAZON-02)
4 69.166.1.15 27630 (AS-XFERNET)
4 185.64.190.77 62713 (AS-PUBMATIC)
4 3.73.18.26 16509 (AMAZON-02)
8 34.98.64.218 15169 (GOOGLE)
4 2602:803:c003... 26667 (RUBICONPR...)
4 34.107.148.139 15169 (GOOGLE)
4 34.149.20.76 15169 (GOOGLE)
4 216.52.2.39 30282 (AS-INAPCD...)
2 35.157.246.167 16509 (AMAZON-02)
1 5 5.178.65.245 50673 (SERVERIUS-AS)
2 6 52.0.165.20 14618 (AMAZON-AES)
1 1 52.204.175.17 14618 (AMAZON-AES)
2 69.166.1.10 27630 (AS-XFERNET)
1 1 92.123.9.160 16625 (AKAMAI-AS)
4 23.205.235.133 16625 (AKAMAI-AS)
2 7 104.18.19.126 13335 (CLOUDFLAR...)
1 205.234.175.175 23352 (SERVERCEN...)
1 2 51.89.9.251 16276 (OVH)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
3 19 142.250.186.130 15169 (GOOGLE)
2 3 35.227.248.159 15169 (GOOGLE)
2 3 37.157.6.246 198622 (ADFORM)
1 2a04:4e42:600... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.215.111.225 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
1 185.15.245.83 24961 (MYLOC-AS ...)
2 3 52.30.61.76 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
2 54.73.80.98 16509 (AMAZON-02)
1 157.90.211.246 24940 (HETZNER-AS)
3 3 151.101.66.49 54113 (FASTLY)
1 1 184.51.9.44 16625 (AKAMAI-AS)
1 1 3.229.243.180 14618 (AMAZON-AES)
3 5 52.94.223.167 16509 (AMAZON-02)
4 7 209.54.182.161 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
1 1 34.249.241.1 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 104.18.18.126 13335 (CLOUDFLAR...)
1 1 34.111.151.213 15169 (GOOGLE)
1 1 50.31.142.127 22075 (AS-OUTBRAIN)
1 1 34.199.174.189 14618 (AMAZON-AES)
1 69.173.144.165 26667 (RUBICONPR...)
24 2a00:1450:400... 15169 (GOOGLE)
2 3 69.173.144.139 26667 (RUBICONPR...)
5 5 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 5.178.65.252 50673 (SERVERIUS-AS)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 65.9.66.68 16509 (AMAZON-02)
1 212.83.160.162 12876 (Online SAS)
3 216.58.212.162 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
4 151.101.65.108 54113 (FASTLY)
4 23.35.236.201 16625 (AKAMAI-AS)
4 104.17.120.107 13335 (CLOUDFLAR...)
1 67.202.105.21 32748 (STEADFAST)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.122.214.165 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 162.19.80.92 16276 (OVH)
3 3 35.158.200.182 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 3.66.208.67 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 1 159.122.14.34 36351 (SOFTLAYER)
1 1 52.2.211.96 14618 (AMAZON-AES)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 3.126.56.137 16509 (AMAZON-02)
1 1 35.205.207.25 396982 (GOOGLE-CL...)
342 87
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
44    2001:8d8:100f:f000::289 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
securityaffairs.co
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2600:9000:225e:9200:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
1    99.86.4.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-127.fra6.r.cloudfront.net
platform-api.sharethis.com
5    184.51.8.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-30.deploy.static.akamaitechnologies.com
contextual.media.net
13    68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
10    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    3.127.240.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-240-71.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2600:9000:206f:3a00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
lg3.media.net
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
3    2606:4700:20::681a:644 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    34.250.36.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
18    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
ib.adnxs.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    137.184.242.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebidserver.pixfuture.com
4    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    3.123.47.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-47-246.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
4    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    3.73.18.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-18-26.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
pixfuture2-d.openx.net
u.openx.net
4    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
4    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
5    5.178.65.245 (Rijswijk, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
6    52.0.165.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-165-20.compute-1.amazonaws.com
a.audrte.com
1    52.204.175.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-175-17.compute-1.amazonaws.com
ssp.disqus.com
2    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
r.casalemedia.com
dsum-sec.casalemedia.com
1    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
15    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
19    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
3    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f607:ba15:f8ca:726:bfa6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b001:736:16ab:a44d:3496 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.215.111.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-111-225.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
3    52.30.61.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-61-76.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    54.73.80.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    184.51.9.44 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-44.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    3.229.243.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-243-180.compute-1.amazonaws.com
usermatch.krxd.net
5    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.249.241.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-241-1.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    50.31.142.127 (Lincolnwood, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    34.199.174.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-174-189.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
24    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a05:d018:d29:3605:9ba9:76c9:a8da:3df (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    5.178.65.252 (Rijswijk, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    212.83.160.162 (France)

ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
js.cookieless-data.com
3    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
partner.googleadservices.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu
c.eu1.dyntrk.com
3    35.158.200.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-200-182.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    3.66.208.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-208-67.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    52.2.211.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-211-96.compute-1.amazonaws.com
fksnk.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
Apex Domain
Subdomains		 Transfer
44 securityaffairs.co
securityaffairs.co — Cisco Umbrella Rank: 329195
1 MB
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
658 KB
24 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
55 KB
22 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 463
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com — Cisco Umbrella Rank: 604
83 KB
22 pixfuture.com
served-by.pixfuture.com — Cisco Umbrella Rank: 52506
cdn.pixfuture.com — Cisco Umbrella Rank: 63562
prebidserver.pixfuture.com — Cisco Umbrella Rank: 113191
526 KB
18 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015
eus.rubiconproject.com — Cisco Umbrella Rank: 582
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2237
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
token.rubiconproject.com — Cisco Umbrella Rank: 711
28 KB
15 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1891
mwzeom.zeotap.com — Cisco Umbrella Rank: 1478
4 KB
12 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1260
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
9 KB
12 wp.com
i0.wp.com — Cisco Umbrella Rank: 2991
stats.wp.com — Cisco Umbrella Rank: 2570
pixel.wp.com — Cisco Umbrella Rank: 2431
226 KB
11 media.net
contextual.media.net — Cisco Umbrella Rank: 537
lg3.media.net — Cisco Umbrella Rank: 3677
prebid.media.net — Cisco Umbrella Rank: 1269
37 KB
10 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493
image6.pubmatic.com — Cisco Umbrella Rank: 634
ads.pubmatic.com — Cisco Umbrella Rank: 492
24 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
8 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1324
r.casalemedia.com — Cisco Umbrella Rank: 778
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
dsum.casalemedia.com — Cisco Umbrella Rank: 1387
8 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5255
u-ams02.e-planning.net — Cisco Umbrella Rank: 85411
i.e-planning.net — Cisco Umbrella Rank: 7512
s.e-planning.net — Cisco Umbrella Rank: 7146
4 KB
8 openx.net
pixfuture2-d.openx.net — Cisco Umbrella Rank: 71579
u.openx.net — Cisco Umbrella Rank: 705
1 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
102 KB
6 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2195
11 KB
6 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1019
cms.analytics.yahoo.com — Cisco Umbrella Rank: 796
ads.yahoo.com — Cisco Umbrella Rank: 2295
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
3 KB
6 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1901
sync.go.sonobi.com — Cisco Umbrella Rank: 992
4 KB
6 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 8483
platform-api.sharethis.com — Cisco Umbrella Rank: 4580
l.sharethis.com — Cisco Umbrella Rank: 4476
buttons-config.sharethis.com — Cisco Umbrella Rank: 5510
57 KB
5 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 820
tags.crwdcntrl.net — Cisco Umbrella Rank: 1220
17 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1788
ssc-cms.33across.com — Cisco Umbrella Rank: 999
871 B
4 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2946
5 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 654
3 KB
4 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2636
637 B
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1244
match.sharethrough.com — Cisco Umbrella Rank: 544
510 B
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1497
1 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 590
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 515
usermatch.krxd.net — Cisco Umbrella Rank: 1240
942 B
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 5038
1 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 464
767 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
919 B
3 google-analytics.com
google-analytics.com — Cisco Umbrella Rank: 36
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 3094
21 KB
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5005
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
87 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25384
680 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1122
750 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
334 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 508
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 461
987 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
108 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54 Failed
2 KB
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 24860
439 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2578
549 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4753
617 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
711 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2202
708 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 743
761 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 43272
606 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1072
463 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 949
1 KB
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7261
535 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 5036
17 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
707 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1369
380 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
317 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1774
366 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2647
186 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 93873
214 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 486
145 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1005
770 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1918
359 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20216
219 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1558
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 117032
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7247
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11716
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 707
161 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2420
423 B
1 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 592
98 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1543
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 727
6 KB
1 t.co
t.co — Cisco Umbrella Rank: 489
600 B
342 78
Domain Requested by
44 securityaffairs.co t.co
securityaffairs.co
24 pagead2.googlesyndication.com cdn.pixfuture.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
19 cm.g.doubleclick.net 3 redirects spl.zeotap.com
r.casalemedia.com
eus.rubiconproject.com
googleads.g.doubleclick.net
18 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 ib.adnxs.com 1 redirects cdn.pixfuture.com
spl.zeotap.com
acdn.adnxs.com
13 served-by.pixfuture.com securityaffairs.co
cdn.pixfuture.com
pagead2.googlesyndication.com
12 mwzeom.zeotap.com ads.us.e-planning.net
10 i0.wp.com securityaffairs.co
7 s.amazon-adsystem.com 4 redirects ads.us.e-planning.net
r.casalemedia.com
eus.rubiconproject.com
6 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
6 a.audrte.com 2 redirects ads.us.e-planning.net
a.audrte.com
6 prebidserver.pixfuture.com cdn.pixfuture.com
ads.us.e-planning.net
5 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 token.rubiconproject.com 5 redirects
5 dsum-sec.casalemedia.com 1 redirects r.casalemedia.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.us.e-planning.net
eus.rubiconproject.com
5 contextual.media.net securityaffairs.co
cdn.pixfuture.com
4 fonts.gstatic.com fonts.googleapis.com
4 biddr.brealtime.com cdn.pixfuture.com
4 u.openx.net cdn.pixfuture.com
4 ads.pubmatic.com cdn.pixfuture.com
4 acdn.adnxs.com cdn.pixfuture.com
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
cdn.pixfuture.com
4 ap.lijit.com cdn.pixfuture.com
4 ssc.33across.com cdn.pixfuture.com
4 prebid.media.net cdn.pixfuture.com
4 fastlane.rubiconproject.com cdn.pixfuture.com
4 pixfuture2-d.openx.net cdn.pixfuture.com
4 hb.emxdgt.com cdn.pixfuture.com
4 hbopenbid.pubmatic.com cdn.pixfuture.com
4 apex.go.sonobi.com cdn.pixfuture.com
4 prg.smartadserver.com cdn.pixfuture.com
4 secure.adnxs.com 2 redirects
3 x.bidswitch.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
3 sync-tm.everesttech.net 3 redirects
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 dmp.adform.net 2 redirects spl.zeotap.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 u-ams02.e-planning.net ads.us.e-planning.net
r.casalemedia.com
vid.vidoomy.com
3 btlr.sharethrough.com cdn.pixfuture.com
3 match.adsrvr.org cdn.pixfuture.com
spl.zeotap.com
r.casalemedia.com
3 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
securityaffairs.co
3 l.sharethis.com ws.sharethis.com
securityaffairs.co
2 c.eu1.dyntrk.com 2 redirects
2 www.gstatic.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
2 s.e-planning.net ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
2 onetag-sys.com 1 redirects ads.us.e-planning.net
2 sync.go.sonobi.com ads.us.e-planning.net
googleads.g.doubleclick.net
2 ads.us.e-planning.net 1 redirects cdn.pixfuture.com
2 c2shb.ssp.yahoo.com cdn.pixfuture.com
2 id5-sync.com cdn.pixfuture.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 aa.agkn.com 1 redirects cdn.pixfuture.com
2 lg3.media.net securityaffairs.co
2 www.googletagmanager.com securityaffairs.co
www.googletagmanager.com
2 fonts.googleapis.com securityaffairs.co
googleads.g.doubleclick.net
1 ads.avads.net 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 fksnk.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync.inmobi.com 1 redirects
1 match.sharethrough.com googleads.g.doubleclick.net
1 p.rfihub.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 ps.eyeota.net
1 ssc-cms.33across.com cdn.pixfuture.com
1 js.cookieless-data.com s.e-planning.net
1 vid.vidoomy.com ads.us.e-planning.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 id.rlcdn.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 dsum.casalemedia.com r.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 i.e-planning.net ads.us.e-planning.net
1 r.casalemedia.com ads.us.e-planning.net
1 ssum.casalemedia.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ssp.disqus.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 www.google-analytics.com google-analytics.com
1 pixel.wp.com securityaffairs.co
1 secure.gravatar.com securityaffairs.co
1 google-analytics.com securityaffairs.co
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com securityaffairs.co
1 platform-api.sharethis.com securityaffairs.co
1 ws.sharethis.com securityaffairs.co
1 maxcdn.bootstrapcdn.com securityaffairs.co
1 t.co
0 api.rlcdn.com Failed cdn.pixfuture.com
342 122
Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.securityaffairs.co
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-24 -
2023-04-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-30 -
2022-12-03		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-07-17 -
2022-10-15		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
dmp.theadex.com
R3		 2022-06-27 -
2022-09-25		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.e-planning.net
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh

This page contains 52 frames:

Primary Page: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Frame ID: E559A633A599FD6250FA2F9D11E7258A
Requests: 148 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 8C98E2ADBFDA5A67D2196D2D432442C2
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 0EF19CB72E58E98A34C3791F5720C839
Requests: 11 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Frame ID: CC4CE877282CA0B61EDECE311BCC1210
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 579E1C67D07917488D7616A9278B94D3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 5B0513959478D07C82B415C2B31DF498
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&cmp=0
Frame ID: 56D84A309384B3BFF16D27CDD12BAFF8
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D8BD0341E07C6790E5C77D36B99F4DA1
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FAC62253BFD6338646AE9B13139E7B34
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 9C5A0F87C0FB5993B670839878A52B2C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: C526E4BE1DA62BB2A558C7833C54A81E
Requests: 8 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: B566AC42B99AA0956929B22BD6337BAF
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 342AB59D55359726D1C720B11B40F42E
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=17ac4f1943b63098&uid=a6f37f0123013099a595be2217fc435a
Frame ID: DDB4A8132B1BE614F903CC019FCEA132
Requests: 2 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AKRJQgZawetfIN2w
Frame ID: B722EB599A42C0AD4FB95FBA986E2BE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Frame ID: 67436253A62F9E0F050ECD5461B6BE9A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Frame ID: A7AB9C19825B1618E4A51CBE0ED33F80
Requests: 15 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/afr.php
Frame ID: ED5E93BA174DE87504DC0B7EA10C0E79
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 73368C9CE7136AEC7F8D3BB697254F58
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 529077A2780DF18D8915FFF64E5B62DC
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 458335296C558EA97E7390F98A1D27F8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 956E83A07B1D966B7A6768D09789B179
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 836C13CA9B9ED55107EE686D5B65CAAB
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1ECCC258059BC87E8146D23374BD7859
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 515A26B278DED5BF170DB02855948CF0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6DAB849FC7E3CCFC8988DBBBCA9058C9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: A533A48B7C2994CEAFAE416C900A68F6
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 43E5A9B6D712ADD600A46D380E7493BF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: F824B22DFFAE885D890D7267795A16F1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: B2865C6E619E61D490151E7C971C96D5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A57342AF8836942DBE0ECEAB2C66E05C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 436A720BF491516A20A1FF19282EBCF9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D27702D34C9F7ED098BB81541A330975
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1BEBB2AED281F3889AD1CDAEC26EA3AA
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 2ACA0B4337A3490A4A4D8963FA2DAFFA
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7619A7EEBA467128E4133A7C4F6F3222
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: BFAC2E471EFAB8DB91BDBB4E3EA3A82F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A0E447787B2CBFB82044DA56E430AEEB
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 5DAB8CBF9241B5D24523A068699381A9
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: AC13E55C7BA0A2946ABEDECCF9E88C83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 004E4AB0FDE28F39593EC6C6A0A814B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1586AD332264778CC846F310C2507FC8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B49EDE44F13A671E3A0F71BE78A2CCAA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 11E06F6947BAA165A98D712960DF8B52
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 30D341EBC36C739388D8D191D98F595C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 845ABECBFACC0DF6FCF7BF67A872DF87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD1269DF38D23285437E65FDC6E9DA04
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E88C09F5DBFA67E8970D49503EF0DBE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1D25F4AA41A8B50AC9CB63351F86AD3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4E1EB94EADBCDC6C2C17E1BDD5D72DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11DB70345BEED59DD2E1069DE006C1A2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/300x250.png
Frame ID: 6602C227C64C8A979DFE710EE81B238C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Grandoreiro banking malware targets Mexico and SpainSecurity Affairs

Page URL History Show full URLs

  1. https://t.co/8mDe7hFNmE Page URL
  2. https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_sourc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

342
Requests

85 %
HTTPS

28 %
IPv6

78
Domains

122
Subdomains

87
IPs

12
Countries

3396 kB
Transfer

5614 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/8mDe7hFNmE Page URL
  2. https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Request Chain 86
  • https://secure.adnxs.com/seg?add=27578935%2C27578935&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Request Chain 87
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=vAcJi3xIRlVDZmpybUx4YjhxVVF5ZjBORG5CMmxJQ01nZVRUVDNyN3BENUNLNGhDdEw3MEYxVEVLQVg2UFRvVDY5N1BxdDNBRndud2hCelRhWnp4dmJOU1BlUTVhdXdhU0JnL0VISERtNWlzT2VlekpEVG1aUFpVWVE1Z2xqQzAxZmhzRGw2QTgrWWlOdzU5TTBJQ2k2cWp4L3BnWFBFbEoxRTNZdFNDNC9nb0RmaWkyY0ZZeDBMTWRlc0NDOVAwR2NzSFpTNUk1THRBSjI1Tk9SUTAvL2R2a3JDeXJJaGdtSzl5RW5ZOFhwRTNJdGQwPXw&cppv=2
Request Chain 142
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Request Chain 144
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D17ac4f1943b63098%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=17ac4f1943b63098&uid=355593504253381223
Request Chain 145
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D17ac4f1943b63098%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253De64f73568d2b3c34%2526fi%253D17ac4f1943b63098%2526uid%253Dua-5ccc5590-f076-37da-b2eb-548172a66aa4
Request Chain 146
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 147
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Request Chain 153
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=c0ab74fc-ee9d-403a-abc8-d0fea689ad19&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Request Chain 159
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=1509ccc8-4865-4832-951e-0536c08e25ef&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 160
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=69592146284420961523433012912715034395&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Request Chain 162
  • https://bn01.er.bemail.it/zeotap.php?_bid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022082118-49274-0.053204001661099637-ee67d3a0c1343215bc3fc22c3d09aa71&zdid=533&env=mWeb
Request Chain 163
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7134256814033729691&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Request Chain 165
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361&bounce=1&random=2111212719 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=KrT8JWwvXYQRWLici8aejO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Request Chain 167
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Request Chain 168
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-D5Jx0PpE2or0zj3oLsWZkXqHPGA.wEUK_g--~A&zpartnerid=570&env=mWeb
Request Chain 169
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MjjoqVWHhTgC2XRSL6KOjM7elgk%2FeiqE%2BS41iYitP1U%3D
Request Chain 172
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361&_test=YwH4xgAIBgMJVwAK HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YwH4xgAIBgMJVwAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&_test=YwH4xgAIBgMJVwAK
Request Chain 173
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7ee06301-f8c6-4c00-846a-f8a8c809a4d5&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Request Chain 174
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Request Chain 175
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&dcc=t
Request Chain 176
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&dcc=t
Request Chain 178
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Request Chain 181
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwH4xlHxavl_PMSUvJcpJAAABGIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwH4xlHxavl_PMSUvJcpJAAABGIAAAIB&dcc=t
Request Chain 183
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwH4xlHxavl-PMSUvJcpJAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YwH4xlHxavl-PMSUvJcpJAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJykYbOSoZWMMIWJ0-yyNbo&google_cver=1&gdpr=1
Request Chain 184
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661160006&gdpr=1
Request Chain 185
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d9c2a880-70d4-0ba8-985faab1
Request Chain 186
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 187
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=602023df-1e57-46dd-8490-9cdca2a8924c&expiration=1692609606
Request Chain 200
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5kBee3XHR--m7ibJ1nXtrg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5kBee3XHR--m7ibJ1nXtrg
Request Chain 201
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczNEM1ODYtNi1MNzBG
Request Chain 202
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L734C586-6-L70F
Request Chain 203
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L734C586-6-L70F&sigv=1&esig=2~da40d2acda75a2a3c96ec49d51c7114991a5ff90
Request Chain 204
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzY5NmUwZjFlMWI5ODIzZmZmYWIzY2QyYmI5ZDMwNTFmM2IwOTgxOA
Request Chain 206
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5lZOgIGuRdeZgN0glSKVcA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5lZOgIGuRdeZgN0glSKVcA
Request Chain 207
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ApFOx5ScOqAr10Oegac7yQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7369290301688837111
Request Chain 230
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696135&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606791&bpp=10&bdt=226&idt=261&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1807977065&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2778&biw=1600&bih=1200&isw=300&ish=250&ifk=184002190&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068737%2C31068919&oid=2&pvsid=1132270297930393&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nkqyztfmq6o&btvi=1&fsb=1&xpc=Tnj1FOd0Lp&p=https%3A//securityaffairs.co&dtd=276 HTTP 302
  • https://served-by.pixfuture.com/www/delivery/afr.php
Request Chain 274
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4490363118202122320 HTTP 302
  • https://a.audrte.com/p
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=7d0jcryHYraTcimEJzMK1n9AA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=7d0jcryHYraTcimEJzMK1n9AA&gdpr=0&gdpr_consent=&google_gid=CAESEP-DcbgBZmtjuhn_9yNgSPw&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 293
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFqN74HUvcqBOaftpHlILLQ&google_cver=1&google_push=AehlK4DSlZ96S7Fk1b-At4Dhah19G_ybPspUGjraaa2UJ_l8-hV4DtNZpQ9iRwJxCFZ9hywgGJypy2QtSLAq2eMYnex60Woz_ro HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DSlZ96S7Fk1b-At4Dhah19G_ybPspUGjraaa2UJ_l8-hV4DtNZpQ9iRwJxCFZ9hywgGJypy2QtSLAq2eMYnex60Woz_ro&google_hm=NRHqfPFtQtWZGrHp6JEcqBM
Request Chain 294
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBnXe0krRVqDKr4hRJdjSlU&google_cver=1&google_push=AehlK4AqrcoblRXPnrfT8lB0NgbpsFlFRzUjrzehk-y9Wa2Q0u9lenjG9UYus076qFjx0YM_nWhnkwXxctwW7ve9bfiGoGKTLMs HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBnXe0krRVqDKr4hRJdjSlU&google_cver=1&google_push=AehlK4AqrcoblRXPnrfT8lB0NgbpsFlFRzUjrzehk-y9Wa2Q0u9lenjG9UYus076qFjx0YM_nWhnkwXxctwW7ve9bfiGoGKTLMs&prevuid=&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AqrcoblRXPnrfT8lB0NgbpsFlFRzUjrzehk-y9Wa2Q0u9lenjG9UYus076qFjx0YM_nWhnkwXxctwW7ve9bfiGoGKTLMs&google_hm=
Request Chain 295
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMp4AU4y2psLdCFobF2_Re4&google_cver=1&google_push=AehlK4B96jJVL6meCOsNlGZrEWjwGg3mKkN_MHIKFamvK9l3qThJ7lxyJYHhst1BtS8J5CO-awsy3Zp4tIKTlExU6VKepczuZ20 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMp4AU4y2psLdCFobF2_Re4&google_cver=1&google_push=AehlK4B96jJVL6meCOsNlGZrEWjwGg3mKkN_MHIKFamvK9l3qThJ7lxyJYHhst1BtS8J5CO-awsy3Zp4tIKTlExU6VKepczuZ20 HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5123196423003052253&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4B96jJVL6meCOsNlGZrEWjwGg3mKkN_MHIKFamvK9l3qThJ7lxyJYHhst1BtS8J5CO-awsy3Zp4tIKTlExU6VKepczuZ20&google_hm=ZVatHxC6QJWVubquYKfXhw==
Request Chain 298
  • https://sync.inmobi.com/gob?google_gid=CAESEJJkKRsQyCdAdoUW0r9I-gE&google_cver=1&google_push=AehlK4CvIo5tUUm5NO2TsZ6WRWX7jBqVCxpjWaHijrwTvK2-0eIF44uxvbCJaBUdRsgrlBqj35SC94pZfkpllfAfDz_7cYdUHPA HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4CvIo5tUUm5NO2TsZ6WRWX7jBqVCxpjWaHijrwTvK2-0eIF44uxvbCJaBUdRsgrlBqj35SC94pZfkpllfAfDz_7cYdUHPA&gdpr_consent=&gdpr=
Request Chain 300
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPYhM3etPyKfJCF-YxyjtHI&google_cver=1&google_push=AehlK4D_HeIreMIuf8WF8ql-hXIiIjatkaM7mZ1o8bAoE5NCPGGjqrMpxx0dKlk4HA8wbblFNkqL3F5Ax78WrwccYgar7jZkFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXdINHhnQUlCZ01KVndBSw==&google_gid=CAESEPYhM3etPyKfJCF-YxyjtHI&google_cver=1&google_push=AehlK4D_HeIreMIuf8WF8ql-hXIiIjatkaM7mZ1o8bAoE5NCPGGjqrMpxx0dKlk4HA8wbblFNkqL3F5Ax78WrwccYgar7jZkFA
Request Chain 301
  • https://um.simpli.fi/gp_match?google_gid=CAESEAoMgcKiYq770yqFF7r_40E&google_cver=1&google_push=AehlK4AlvUU_PdGTNGs5N_Gi914gnMI5Gr54tUQItsuaJgpr_ongzKh4-YXdlMhxEDv2gtnG0QATsqRPV-TJwtSpRxlPrBpxjGE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30ACEDFE20DE4C1F9DE0EB9B5ADDD25C&google_push=AehlK4AlvUU_PdGTNGs5N_Gi914gnMI5Gr54tUQItsuaJgpr_ongzKh4-YXdlMhxEDv2gtnG0QATsqRPV-TJwtSpRxlPrBpxjGE
Request Chain 302
  • https://fksnk.com/cs/google?google_gid=CAESEHZ5Qj01oIBZ4xRxV8QX3KI&google_cver=1&google_push=AehlK4BKAzZlN9r-_zZErEiGTYdemJ6hir_FnzlFbEuwhMWpvgch36wtDN1h1RqxkIuO6uPX21eSGiv5JLPr_gIUyn0NHyNwfyo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEVCQUFDQTc4NDFEODlEQg==
Request Chain 303
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEHN8iSr5N0Jnp5slynpkgVo&google_cver=1&google_push=AehlK4Aies1xuX-1nbjJrTj_gQiW7mH5jrqh3HuypNiqmO-nKrV-w8UqC7f1dox6L6oXyhS7MnIX9lQQwmEmpjWyWQPX1d4kbok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AehlK4Aies1xuX-1nbjJrTj_gQiW7mH5jrqh3HuypNiqmO-nKrV-w8UqC7f1dox6L6oXyhS7MnIX9lQQwmEmpjWyWQPX1d4kbok
Request Chain 304
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJxrmPqL84FEglF7oHbN2Lo&google_cver=1&google_push=AehlK4CBjxFaVv8w_p9PAzC5zzWooRBc1vW2E3E5QNURm2oFbz-NZgKkaHeYLDiOnDyw18_3C6yeSjstWtccUS6xweZfOTcp9Ms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CBjxFaVv8w_p9PAzC5zzWooRBc1vW2E3E5QNURm2oFbz-NZgKkaHeYLDiOnDyw18_3C6yeSjstWtccUS6xweZfOTcp9Ms
Request Chain 305
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBjp0o7nALZUmFSmbQigpNw&google_cver=1&google_push=AehlK4CTqmL5R_SfGoIBUgAOusAKARGqOMdlZDNaXS8LlIC1X0vb7ru2SrQ8nsqAp9kuLhrg2HbJq4Us2P1v_RkB1xL4pwrpUAxR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1keS5tTW9aRTJ1RXhXUUY5aGYwX1RIZFQ5MHZJdDVWY35B&google_push=AehlK4CTqmL5R_SfGoIBUgAOusAKARGqOMdlZDNaXS8LlIC1X0vb7ru2SrQ8nsqAp9kuLhrg2HbJq4Us2P1v_RkB1xL4pwrpUAxR
Request Chain 306
  • https://ads.avads.net/sync/ggl?google_gid=CAESEK2E8ALdWMJCbxasPmCzsKc&google_cver=1&google_push=AehlK4AgnruXYH3d0uh-8SSjaVGM1KqPHHROkL-6qS2pC8Eo6ynxAKAobtkVi-0y1fnZ_eN1DAzsr0RMsjdwZHLWmlihdC1uPgK4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZjZmZDFjZWQtNmYxYy00ZTg5LWE3OWYtYjAwNjFkZGUzNWM2&google_push=AehlK4AgnruXYH3d0uh-8SSjaVGM1KqPHHROkL-6qS2pC8Eo6ynxAKAobtkVi-0y1fnZ_eN1DAzsr0RMsjdwZHLWmlihdC1uPgK4
Request Chain 311
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

342 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
8mDe7hFNmE
t.co/ 		559 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/8mDe7hFNmE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
269
content-type
text/html; charset=utf-8
date
Sun, 21 Aug 2022 09:20:00 GMT
expires
Sun, 21 Aug 2022 09:25:00 GMT
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
1152d78b4cdb114a2ba8daf83c3a73247586e3dc5d16a16bd82c5f1238a5d627
x-response-time
118
x-xss-protection
0
Primary Request grandoreiro-targest-mexico-spain.html
securityaffairs.co/wordpress/134651/cyber-crime/ 		97 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Requested by
Host: t.co
URL: https://t.co/8mDe7hFNmE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
8b1477318fe967aa147dcea8d134782e19a9953e7d164654e3a22ddca0862b15

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:00 GMT
link
<https://securityaffairs.co/wordpress/wp-json/>; rel="https://api.w.org/", <https://securityaffairs.co/wordpress/wp-json/wp/v2/posts/134651>; rel="alternate"; type="application/json", <https://securityaffairs.co/wordpress/?p=134651>; rel=shortlink
server
Apache
x-pingback
https://securityaffairs.co/wordpress/xmlrpc.php
style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/ 		101 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/css/dist/block-library/style.css?ver=a27a5f2dbcd76fca02b031770446541d
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6acaf1e28f06b9575940731ab904b18dde4d2bf52618c42fddb14d0d9b6c028c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Tue, 12 Jul 2022 21:45:23 GMT
server
Apache
accept-ranges
bytes
etag
"193c1-5e3a295f4b1f7"
content-length
103361
content-type
text/css
mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
server
Apache
accept-ranges
bytes
etag
"2bf8-5b61073acf500"
content-length
11256
content-type
text/css
wp-mediaelement.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/wp-mediaelement.css?ver=a27a5f2dbcd76fca02b031770446541d
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
Apache
accept-ranges
bytes
etag
"1360-597430d761a00"
content-length
4960
content-type
text/css
cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Mon, 09 May 2022 23:09:21 GMT
server
Apache
accept-ranges
bytes
etag
"c22-5de9c4c5f3471"
content-length
3106
content-type
text/css
cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Mon, 09 May 2022 23:09:21 GMT
server
Apache
accept-ranges
bytes
etag
"6a71-5de9c4c5f3471"
content-length
27249
content-type
text/css
ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ 		142 KB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=1654300135
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
fdb60418f2e23b359b2ade2aca337dccf02e24215d1a77bb816ba1820e5bbff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Fri, 03 Jun 2022 23:48:55 GMT
server
Apache
accept-ranges
bytes
etag
"23809-5e093c3f1132e"
content-length
145417
content-type
text/css
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=8.2.6
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
5105330
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6c27480193430d6ea3ddfc5c9cf7f881
cf-ray
73e24a66ccd5bbdd-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
server
Apache
accept-ranges
bytes
etag
"4d92-52704407f72c0"
content-length
19858
content-type
text/css
tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		539 B
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
accept-ranges
bytes
etag
"21b-526fe6d7cd700"
content-length
539
content-type
text/css
flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
server
Apache
accept-ranges
bytes
etag
"1851-5270441180940"
content-length
6225
content-type
text/css
animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"6b4-526fe6d5e5280"
content-length
1716
content-type
text/css
font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"4574-526fe6d5e5280"
content-length
17780
content-type
text/css
swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
accept-ranges
bytes
etag
"118d-526fe6e527680"
content-length
4493
content-type
text/css
jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		334 B
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"14e-526fe6d5e5280"
content-length
334
content-type
text/css
screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		110 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
accept-ranges
bytes
etag
"1b844-526fe6d7cd700"
content-length
112708
content-type
text/css
custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
content-type
text/css; charset: UTF-8;charset=UTF-8
server
Apache
grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		49 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=a27a5f2dbcd76fca02b031770446541d
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
server
Apache
accept-ranges
bytes
etag
"c5f2-526fe6d6d94c0"
content-length
50674
content-type
text/css
sharing.css
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=11.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
dda6ad33ac53197002b0e3c6c09f3714a6c79b73969d15666500689d8fc50d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Thu, 04 Aug 2022 22:03:27 GMT
server
Apache
accept-ranges
bytes
etag
"4991-5e57184efbe91"
content-length
18833
content-type
text/css
social-logos.css
securityaffairs.co/wordpress/wp-content/plugins/jetpack/_inc/social-logos/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=11.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
4cdecc62f5b2c8e9f7cf7b14b9fd42e0c4787d912c1b71426cdfbe0144cede46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Thu, 04 Aug 2022 22:03:25 GMT
server
Apache
accept-ranges
bytes
etag
"312f-5e57184c7d47c"
content-length
12591
content-type
text/css
jquery.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ 		282 KB
282 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=3.6.0
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Fri, 23 Jul 2021 22:11:53 GMT
server
Apache
accept-ranges
bytes
etag
"46758-5c7d1b0de3c40"
content-length
288600
content-type
application/javascript
jquery-migrate.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
server
Apache
accept-ranges
bytes
etag
"62d4-5b61073acf500"
content-length
25300
content-type
application/javascript
cookie-law-info-public.js
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Mon, 09 May 2022 23:09:21 GMT
server
Apache
accept-ranges
bytes
etag
"8583-5de9c4c5f53b0"
content-length
34179
content-type
application/javascript
medianetAdInjector.js
securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/ 		562 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Sat, 08 May 2021 23:27:41 GMT
server
Apache
accept-ranges
bytes
etag
"232-5c1d9e402b540"
content-length
562
content-type
application/javascript
st_insights.js
ws.sharethis.com/button/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare&ver=8.2.6
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6eab47c17572a089ad9ceb4c9694a99d7f3ffccd5d1c778438016b1eccdc8f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 21:46:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
214435
x-cache
Hit from cloudfront
content-length
12778
server
nginx/1.20.1
etag
W/"62bdf23a-c590"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA60-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
8ZnGCusWmlF2jV0JJg7QmpUnXn_4vMkE_VRb9bqVpkZiY9g3xX9b6g==
expires
Sun, 21 Aug 2022 21:46:08 GMT
sharethis.js
platform-api.sharethis.com/js/ 		190 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-127.fra6.r.cloudfront.net
Software
/
Resource Hash
2b02c99b94bd29097fd168548bea6dfc28c9ffd3c2d751c1f375c9da902d8f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:18:34 GMT
content-encoding
gzip
vary
Accept-Encoding
age
89
etag
W/"2f749-jZtDoLQECLv0cAmOiJJ6B61Kdic"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA6-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
WjZs9GSSg0ZolDciRPoCYampCu4GCqQbQ5ZxFDJNCVv2dGcMF_yAQA==
dmedianet.js
contextual.media.net/ 		368 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ee43b9f0b9d04dbb343045c231271c35c917319b8d0ac01ec9c0b5cfc8f24e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-mnt-h
22-rm2g
date
Sun, 21 Aug 2022 09:20:04 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
expires
Sun, 21 Aug 2022 09:25:04 GMT
cache-control
max-age=300
strict-transport-security
max-age=31536000
content-length
368
x-cache-hits
0
logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 17:30:42 GMT
server
Apache
accept-ranges
bytes
etag
"b0e9-5270743f5f480"
content-length
45289
content-type
image/png
headerbid.js
served-by.pixfuture.com/www/delivery/ 		973 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Tue, 02 Mar 2021 20:36:48 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"603ea1e0-3cd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
973
expires
Tue, 23 Aug 2022 09:20:04 GMT
grandoreiro-malware.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/08/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/08/grandoreiro-malware.png?resize=1024%2C621&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
64cceeb3c786c3e8477d10446dc4013462fb4c47934d638156e1f0a91fcc075b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Aug 2022 08:36:37 GMT
server
nginx
etag
"9850f0938e4bc08c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2022/08/grandoreiro-malware.png>; rel="canonical"
content-length
86170
expires
Tue, 20 Aug 2024 20:36:37 GMT
twemoji.js
securityaffairs.co/wordpress/wp-includes/js/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=a27a5f2dbcd76fca02b031770446541d
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
f1f9eda417444f06ef060dd832d8821c84f081a98cdf62acfe981f5554c894dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 25 May 2022 22:59:02 GMT
server
Apache
accept-ranges
bytes
etag
"7e90-5dfde04f437ff"
content-length
32400
content-type
application/javascript
wp-emoji.js
securityaffairs.co/wordpress/wp-includes/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=a27a5f2dbcd76fca02b031770446541d
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Tue, 31 Mar 2020 22:49:14 GMT
server
Apache
accept-ranges
bytes
etag
"231d-5a22e60748e80"
content-length
8989
content-type
application/javascript
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		830 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Jun 2020 20:34:29 GMT
server
nginx
etag
"509a053c355d6394"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length
830
expires
Sat, 11 Jun 2022 08:34:29 GMT
twitter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"fbafb4fa36d9fc66"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length
1082
expires
Sat, 05 Nov 2022 20:12:40 GMT
linkedin.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"8daaaf021369fdba"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length
1184
expires
Sat, 05 Nov 2022 20:12:40 GMT
230713-pleiades-satellites.jpg
securityaffairs.co/wordpress/wp-content/uploads/2014/01/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2014/01/230713-pleiades-satellites.jpg
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6d465b21cb400449cd11a03b53bcd10c0319719736294e9a33318172e048ca8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 08:46:50 GMT
server
Apache
accept-ranges
bytes
etag
"79df-526fff277b280"
content-length
31199
content-type
image/jpeg
newsletter.png
securityaffairs.co/wordpress/wp-content/uploads/2015/03/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1267fc6c8805b7f508e04bc8da776509420413adb25e197f12c9f9405c74ac6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 11:53:22 GMT
server
Apache
accept-ranges
bytes
etag
"c758-527028d901080"
content-length
51032
content-type
image/png
230713-pleiades-satellites.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/01/230713-pleiades-satellites.jpg?resize=300%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
7da2c210f5decf1745310ab41268df3bbae82bf2400a3c37427cb48f91a18fb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Aug 2022 08:17:27 GMT
server
nginx
etag
"2ddc6fc58c6e3329"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2014/01/230713-pleiades-satellites.jpg>; rel="canonical"
content-length
9994
expires
Tue, 20 Aug 2024 20:17:27 GMT
photon.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Thu, 04 Aug 2022 22:03:27 GMT
server
Apache
accept-ranges
bytes
etag
"6e0-5e57184ec6340"
content-length
1760
content-type
application/javascript
jquery.adrotate.clicktracker.js
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/ 		365 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 20 Jul 2022 22:10:23 GMT
server
Apache
accept-ranges
bytes
etag
"16d-5e443de11a895"
content-length
365
content-type
application/javascript
ssba.js
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1654300135
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9b978821f78e7bd3a48e5ae8fd7121a291eec506579406745800ca0590f0907c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Fri, 03 Jun 2022 23:48:55 GMT
server
Apache
accept-ranges
bytes
etag
"7c3-5e093c3f23c09"
content-length
1987
content-type
application/javascript
hint.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		987 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"3db-526fe6e433440"
content-length
987
content-type
application/javascript
jquery.tipsy.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"1113-526fe6e433440"
content-length
4371
content-type
application/javascript
jquery.easing.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:03 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"1fa1-526fe6e433440"
content-length
8097
content-type
application/javascript
browser.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
accept-ranges
bytes
etag
"a36-526fe6e33f200"
content-length
2614
content-type
application/javascript
jquery.flexslider-min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
server
Apache
accept-ranges
bytes
etag
"53ae-5270441274b80"
content-length
21422
content-type
application/javascript
waypoints.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
accept-ranges
bytes
etag
"1f6c-526fe6e527680"
content-length
8044
content-type
application/javascript
mediaelement-and-player.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/ 		69 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
server
Apache
accept-ranges
bytes
etag
"11571-5270441645480"
content-length
71025
content-type
application/javascript
jquery.swipebox.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"2a67-526fe6e433440"
content-length
10855
content-type
application/javascript
jquery.circliful.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"c18-526fe6e433440"
content-length
3096
content-type
application/javascript
jquery.smarticker.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"3225-526fe6e433440"
content-length
12837
content-type
application/javascript
custom.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
accept-ranges
bytes
etag
"31d4-526fe6e33f200"
content-length
12756
content-type
application/javascript
sharing.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=11.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
c09fa9679fb13cb821998f533f0f3b51a4a1756bbc05004aef91f8f217c54712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Thu, 04 Aug 2022 22:03:27 GMT
server
Apache
accept-ranges
bytes
etag
"45a7-5e57184efbe91"
content-length
17831
content-type
application/javascript
e-202233.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202233.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 21 Aug 2022 09:20:04 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 06 Aug 2023 22:14:19 GMT
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1661073604787.24311&hostname=securityaffairs.co&location=%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&refDomain=t.co&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&title=Grandoreiro%20banking%20malware%20targets%20Mexico%20and%20SpainSecurity%20Affairs&sop=false&description=A%20new%20Grandoreiro%20banking%20malware%20campaign%20is%20targeting%20organizations%20in%20Mexico%20and%20Spain%2C%20Zscaler%20reported.%20Zscaler%20ThreatLabz%20researchers%20observed%20a%20Grandoreiro%20banking%20malware%20campaign%20targeting%20organizations%20in%20the%20Spanish-speaking%20nations%20of%20Mexico%20and%20Spain.%20Grandoreiro%20is%20a%C2%A0modular%20backdoor%20that%20supports%20the%20following%20capabilities%3A%20Keylogging%20Auto-Updation%20for%20newer%20versions%20and%C2%A0modules%20Web-Injects%20and%20restricting%20access%20to%20specific%20%5B%E2%80%A6%5D
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare&ver=8.2.6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.240.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-240-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
log
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/log?event=ibl&url=https://t.co/&description=A%20new%20Grandoreiro%20banking%20malware%20campaign%20is%20targeting%20organizations%20in%20Mexico%20and%20Spain%2C%20Zscaler%20reported.%20Zscaler%20ThreatLabz%20researchers%20observed%20a%20Grandoreiro%20banking%20malware%20campaign%20targeting%20organizations%20in%20the%20Spanish-speaking%20nations%20of%20Mexico%20and%20Spain.%20Grandoreiro%20is%20a%C2%A0modular%20backdoor%20that%20supports%20the%20following%20capabilities%3A%20Keylogging%20Auto-Updation%20for%20newer%20versions%20and%C2%A0modules%20Web-Injects%20and%20restricting%20access%20to%20specific%20%5B%E2%80%A6%5D&img_pview=true
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.240.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-240-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
5b71b64b04b9a500117b1015.js
buttons-config.sharethis.com/js/ 		30 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5b71b64b04b9a500117b1015.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:05 GMT
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified
Mon, 13 Aug 2018 16:48:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"e6e1643313740711175f51662a65b42f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
30
x-amz-cf-id
Jw9zxafHXU35iJl-S8F7jg8sydJhwRkXuge57NdLs9gSjDQmG6AXaw==
analytics.js
google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
810
date
Sun, 21 Aug 2022 09:06:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 21 Aug 2022 11:06:34 GMT
gtm.js
www.googletagmanager.com/ 		96 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83e15890610eba9558b1324092ab937f986d7e96abdc03859851d8962e8282f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37862
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Aug 2022 09:20:04 GMT
flping.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO4A4J48&gdpr=1&cid=8CU5BD6EW&crid=
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Server
Apache
Date
Sun, 21 Aug 2022 09:20:04 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=36840
Connection
keep-alive
Content-Length
15
fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin
https://securityaffairs.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
server
Apache
accept-ranges
bytes
etag
"ad90-526fe6dc92240"
content-length
44432
content-type
application/font-woff
grandoreiro-malware-2.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/08/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/08/grandoreiro-malware-2.png?resize=1024%2C443&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1a45780386440e18769363204dc2456da89d7b1a73b5bf267654baa2c7ad3ab5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Aug 2022 08:36:37 GMT
server
nginx
etag
"2442a0b8f141c63f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2022/08/grandoreiro-malware-2.png>; rel="canonical"
content-length
93272
expires
Tue, 20 Aug 2024 20:36:37 GMT
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sun, 21 Aug 2022 09:20:04 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Sun, 21 Aug 2022 09:25:04 GMT
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"156244085faab7d3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
6414
expires
Sat, 05 Nov 2022 20:12:40 GMT
logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"312ff21e46f29f3d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7482
expires
Sat, 05 Nov 2022 20:12:40 GMT
newsletter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Dec 2020 07:29:12 GMT
server
nginx
etag
"a6fb49f7a00a0498"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
6336
expires
Thu, 15 Dec 2022 19:29:12 GMT
EU-Blog-e.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/06/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 21 Aug 2022 09:20:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Jun 2022 21:28:00 GMT
server
nginx
etag
"89e5fea0740da8de"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length
13098
expires
Sat, 22 Jun 2024 09:28:00 GMT
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1661073604787.24311&hostname=securityaffairs.co&location=%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&refDomain=t.co&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&title=Grandoreiro%20banking%20malware%20targets%20Mexico%20and%20SpainSecurity%20Affairs&sop=false&description=A%20new%20Grandoreiro%20banking%20malware%20campaign%20is%20targeting%20organizations%20in%20Mexico%20and%20Spain%2C%20Zscaler%20reported.%20Zscaler%20ThreatLabz%20researchers%20observed%20a%20Grandoreiro%20banking%20malware%20campaign%20targeting%20organizations%20in%20the%20Spanish-speaking%20nations%20of%20Mexico%20and%20Spain.%20Grandoreiro%20is%20a%C2%A0modular%20backdoor%20that%20supports%20the%20following%20capabilities%3A%20Keylogging%20Auto-Updation%20for%20newer%20versions%20and%C2%A0modules%20Web-Injects%20and%20restricting%20access%20to%20specific%20%5B%E2%80%A6%5D&description=A%20new%20Grandoreiro%20banking%20malware%20campaign%20is%20targeting%20organizations%20in%20Mexico%20and%20Spain%2C%20Zscaler%20reported.%20Zscaler%20ThreatLabz%20researchers%20observed%20a%20Grandoreiro%20banking%20malware%20campaign%20targeting%20organizations%20in%20the%20Spanish-speaking%20nations%20of%20Mexico%20and%20Spain.%20Grandoreiro%20is%20a%C2%A0modular%20backdoor%20that%20supports%20the%20following%20capabilities%3A%20Keylogging%20Auto-Updation%20for%20newer%20versions%20and%C2%A0modules%20Web-Injects%20and%20restricting%20access%20to%20specific%20%5B%E2%80%A6%5D&img_pview=true
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.240.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-240-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=29506073&post=134651&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=https%3A%2F%2Ft.co%2F&fcp=0&rand=0.23934260569771926
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 09:20:04 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
hb_v2.js
cdn.pixfuture.com/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c2388c40345a8c9a09e8eb634a72240123f49f4c2b15df11dc05c2982f52f32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 15:56:37 GMT
server
cloudflare
age
62593
etag
W/"62f3d535-84bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nk9PPRstfq9ZbedCkw6zsFBcR2HWPbhMZ7OSXEUN0jcGsAxXH3qKxewSdToLwcp4HQTd1mMVMXehjreh5XsRPC05xeMptdCTQLeFtahbICen4a6yAegHi3E51ttv3GOX0apdCgb7%2B2jW2ju8b4wl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Mon, 22 Aug 2022 15:56:49 GMT
cache-control
public, max-age=172800, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e24a6f08b09107-FRA
cf-bgj
minify
collect
www.google-analytics.com/j/ 		2 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=638678583&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Grandoreiro%20banking%20malware%20targets%20Mexico%20and%20SpainSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=812643506&gjid=443788568&cid=2048833461.1661073605&tid=UA-59069958-1&_gid=1197736727.1661073605&_r=1&_slc=1&z=1373717002
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
961a3c4b4891f012868919d5e0dd1bd97eae7cc7b6c451f6610f099d8f8f5b53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72151
x-xss-protection
0
expires
Sun, 21 Aug 2022 09:20:04 GMT
pbix.js
cdn.pixfuture.com/ 		401 KB
402 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ec4073d62958c460872f86b38f583f3187995f0147e29144340e6826e05cb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
163705
cf-polished
origSize=410578
cf-bgj
minify
last-modified
Wed, 18 May 2022 15:53:44 GMT
server
cloudflare
etag
W/"62851688-643d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyrtYTCejwGGU1Cbon6MVAhV6UmG4Gpamos382iVbGuwbhwEnenkmyIDYpfKTQLQFjpFLA96QL7T6OmDEAHvV0UFD9IJANc8ZkWznHWPrjrm1PhJuI1X5IXNPPU52n8gfwiZa%2BbGxBfLez7oLM%2Bh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=172800, no-transform
cf-ray
73e24a6f392d9107-FRA
expires
Sun, 21 Aug 2022 11:51:26 GMT
r.js
aa.agkn.com/adscores/ 		0
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.36.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-36-127.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript;charset=iso-8859-1
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=grandoreiro,banking,malware,targets,mexico,spainsecurity,affairs&refUrl=https://t.co/&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ba1c36db133febfbf00fa1ecd29072b2f6b04e07c91e42e85f0757cefd7ec662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:05 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=grandoreiro,banking,malware,targets,mexico,spainsecurity,affairs&refUrl=https://t.co/&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ba1c36db133febfbf00fa1ecd29072b2f6b04e07c91e42e85f0757cefd7ec662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:05 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		11 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24274x728x90x4142x_ADSLOT1&keywords=grandoreiro,banking,malware,targets,mexico,spainsecurity,affairs&refUrl=https://t.co/&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
84becf2f015e9bab6f2d30d5b618f5f71cb35e27f239b8eaab4206d1a4ac64c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:05 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24270x300x250x4142x_ADSLOT1&keywords=grandoreiro,banking,malware,targets,mexico,spainsecurity,affairs&refUrl=https://t.co/&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ad3fff0bde04c72b2ee221445918f9e96800facd94bf0267f39a1adcc7c4e5e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:05 GMT
collect
region1.google-analytics.com/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=2oe8h0&_p=638678583&cid=2048833461.1661073605&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661073605&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2F&dt=Grandoreiro%20banking%20malware%20targets%20Mexico%20and%20SpainSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
flping.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO4A4J48&gdpr=1&cid=8CU5BD6EW&crid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Server
Apache
Date
Sun, 21 Aug 2022 09:20:05 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=36839
Connection
keep-alive
Content-Length
15
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://securityaffairs.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 21 Aug 2022 09:20:05 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1277
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
0
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
257c0307-94ac-4682-bfe3-5134120bee81
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1c3b96c6-7558-4ffe-8d21-3179742ec06a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578935%2C27578935&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
0
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
38ece299-3951-4a8d-b057-52c23338247f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
178a1ac8-fe98-4d62-82fb-8a8db4c1c3df
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=vAcJi3xIRlVDZmpybUx4YjhxVVF5ZjBORG5CMmxJQ01nZVRUVDNyN3BENUNLNGhDdEw3MEYxVEVLQVg2UFRvVDY5N1BxdDNBRndud2hCelRhWnp4dmJOU1BlUTVhdXdhU0JnL0VISERtNWlzT2VlekpEVG1aUFpVWVE1Z2...
345 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vAcJi3xIRlVDZmpybUx4YjhxVVF5ZjBORG5CMmxJQ01nZVRUVDNyN3BENUNLNGhDdEw3MEYxVEVLQVg2UFRvVDY5N1BxdDNBRndud2hCelRhWnp4dmJOU1BlUTVhdXdhU0JnL0VISERtNWlzT2VlekpEVG1aUFpVWVE1Z2xqQzAxZmhzRGw2QTgrWWlOdzU5TTBJQ2k2cWp4L3BnWFBFbEoxRTNZdFNDNC9nb0RmaWkyY0ZZeDBMTWRlc0NDOVAwR2NzSFpTNUk1THRBSjI1Tk9SUTAvL2R2a3JDeXJJaGdtSzl5RW5ZOFhwRTNJdGQwPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e54ab0b3da64d90e95ad4c2ac14ba1227c1e85449424d293f21019575714db7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4189
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
location
https://mug.criteo.com/sid?cpp=vAcJi3xIRlVDZmpybUx4YjhxVVF5ZjBORG5CMmxJQ01nZVRUVDNyN3BENUNLNGhDdEw3MEYxVEVLQVg2UFRvVDY5N1BxdDNBRndud2hCelRhWnp4dmJOU1BlUTVhdXdhU0JnL0VISERtNWlzT2VlekpEVG1aUFpVWVE1Z2xqQzAxZmhzRGw2QTgrWWlOdzU5TTBJQ2k2cWp4L3BnWFBFbEoxRTNZdFNDNC9nb0RmaWkyY0ZZeDBMTWRlc0NDOVAwR2NzSFpTNUk1THRBSjI1Tk9SUTAvL2R2a3JDeXJJaGdtSzl5RW5ZOFhwRTNJdGQwPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1502
content-length
482
expires
0
529.json
id5-sync.com/g/v2/ 		213 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
b3123e282ab2a36833d085e42a5c76d83bcd42d7b55514f76f17f08b051bf7d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
cd53fcbc0f7560e63a79396f49b2a6b252d472f6da820bb84fe241191b55a87f

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 20 Sep 2022 09:20:05 GMT
cookie_sync
prebidserver.pixfuture.com/ 		281 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1709cd39402d83321f6aa7bf2c23e28ed5bf67e2e7528ef1114973731e0d9b4b

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
281
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		154 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e126b6e0601c404cd4b00f921d1db9db664b89b56908c948037d4ae88fdd138b

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
154
expires
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
btlr.sharethrough.com/universal/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.47.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-47-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
trinity.json
apex.go.sonobi.com/ 		94 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228c9cddc651b885%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&s=7ea1ac96-1745-4739-8aba-9466daec1c0e&pv=f441b191-4a92-4404-bf78-2cdc31a2e3a4&vp=desktop&lib_name=prebid&lib_v=6.24.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22e90af49d-cbd1-47b0-bf2e-101c4210c384%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e90af49d-cbd1-47b0-bf2e-101c4210c384%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=grandoreiro%2Cbanking%2Cmalware%2Ctargets%2Cmexico%2Cspainsecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
57dfb56268ea657807768b39d3d798dc7333f12b1b437dfeb5c984e33b0b3fd5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9a938704-f5fd-4684-8b5e-d5d11934df61
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1661073605809&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.18.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-18-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
arj
pixfuture2-d.openx.net/w/1.0/ 		72 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=327d7718-6260-43bb-a792-23f22ebdfdfc&nocache=1661073605810&id5id=0&pubcid=e90af49d-cbd1-47b0-bf2e-101c4210c384&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPWdyYW5kb3JlaXJvLGJhbmtpbmcsbWFsd2FyZSx0YXJnZXRzLG1leGljbyxzcGFpbnNlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9Z3JhbmRvcmVpcm8sYmFua2luZyxtYWx3YXJlLHRhcmdldHMsbWV4aWNvLHNwYWluc2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
054b572fa07decd2b4c51cc54bf29f4b16ebfacea849221e7ba922b76c4b5f29

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=e90af49d-cbd1-47b0-bf2e-101c4210c384%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tk_flint=pbjs_lite_v6.24.0-pre&x_source.tid=327d7718-6260-43bb-a792-23f22ebdfdfc&l_pb_bid_id=18bf07c4883defb&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13517590362714715
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5533dd7a9e00db5732c6b6130725d91dd8f294e314c72bc25bb099d87074ff0c

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
662c2f0cca89c1f98c91b625ee090539c3967ffed31debc83f323816e690535b

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e56133c04f85972b45c6f92d98479f656f482365653e107d0c826cc2e507096e

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid
ap.lijit.com/rtb/ 		24 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.24.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
0900cfb5d1bd1de2899f2fe46fc1a5843d69df0d57584189be067d56098aab74

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:05 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
x-sovrn-pod
ad_ap7ams1
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
auction
prebidserver.pixfuture.com/openrtb2/ 		153 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
05fca160dd5ca8a4c9b702768a3f4accd140ad0579bf16dd5f5b2f218e8c755d

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
153
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.47.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-47-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
04fd94272f504c12875a334873f0e6007773345bdb21640768f9193a32d2ee69

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
trinity.json
apex.go.sonobi.com/ 		30 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2237f4838383ff50b%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&s=3204a1f5-733d-4b77-a69b-4eef0e598a08&pv=f441b191-4a92-4404-bf78-2cdc31a2e3a4&vp=desktop&lib_name=prebid&lib_v=6.24.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22e90af49d-cbd1-47b0-bf2e-101c4210c384%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e90af49d-cbd1-47b0-bf2e-101c4210c384%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=grandoreiro%2Cbanking%2Cmalware%2Ctargets%2Cmexico%2Cspainsecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.24.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
87c3bba7958aee0c86b6464f6610ec1f7426f272c053e6866b4311f3ca00c180

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:05 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
x-sovrn-pod
ad_ap7ams1
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1661073605823&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.18.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-18-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
ib.adnxs.com/ut/v3/ 		19 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
971ba19d-86a5-491d-9336-59f90c25bc91
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=e90af49d-cbd1-47b0-bf2e-101c4210c384%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tk_flint=pbjs_lite_v6.24.0-pre&x_source.tid=28e4b334-ebb8-4b71-b2e2-b5929d290078&l_pb_bid_id=4559b0839712c26&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7919423976992488
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b6cbf50a677ab3268286839a08e7bbdb253bb59128adde5892cceff8847e3d24

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=28e4b334-ebb8-4b71-b2e2-b5929d290078&nocache=1661073605825&id5id=0&pubcid=e90af49d-cbd1-47b0-bf2e-101c4210c384&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPWdyYW5kb3JlaXJvLGJhbmtpbmcsbWFsd2FyZSx0YXJnZXRzLG1leGljbyxzcGFpbnNlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9Z3JhbmRvcmVpcm8sYmFua2luZyxtYWx3YXJlLHRhcmdldHMsbWV4aWNvLHNwYWluc2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e94350d87ee2b24c0cd05c56b32775b1464df9825f003c584eab3cf1497250be

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
72294b447b5aedc43245b8d5e4b396f849178e8218e77558d60f62d14415832c

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
auction
prebidserver.pixfuture.com/openrtb2/ 		154 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
4f63dd0b61ce04aa584b8e79205835d5efeb64f2d782b6955202bdfe4a53882e

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
154
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c71911930f2b85b09af71e058419569d76730aac9de414a7f154034cd32ef749

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid
ap.lijit.com/rtb/ 		24 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.24.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
6030a5f79a90a1d8a7b3824daa9982e3274d88b012806c9db8cc2576d7b58948

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:05 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
x-sovrn-pod
ad_ap7ams1
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
prebid.media.net/rtb/ 		1 KB
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7b2d40ec02ecfc2753d7f80b0fdb7911692610491edc0540fd5553776b9f054d

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5f29f0bc-5124-4b07-bf3e-55039707e520&nocache=1661073605832&id5id=0&pubcid=e90af49d-cbd1-47b0-bf2e-101c4210c384&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=728x90&divids=24274x728x90x4142x_ADSLOT1&aucs=&auid=540580842&tps=bXlrZXl3b3JkPWdyYW5kb3JlaXJvLGJhbmtpbmcsbWFsd2FyZSx0YXJnZXRzLG1leGljbyxzcGFpbnNlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9Z3JhbmRvcmVpcm8sYmFua2luZyxtYWx3YXJlLHRhcmdldHMsbWV4aWNvLHNwYWluc2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
fa9c2d6a10a5eacc2948b77833b0de55683b3e386d1a6a5ba0fd7a714708f46d

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d4be1aef-b909-40ad-8ef8-fba3c1b68000
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=2&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=e90af49d-cbd1-47b0-bf2e-101c4210c384%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tk_flint=pbjs_lite_v6.24.0-pre&x_source.tid=5f29f0bc-5124-4b07-bf3e-55039707e520&l_pb_bid_id=6838cd6be4f26df&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2845444617377322
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
851917db0c35742b91f0a0989a838bab0d3b9d0861f4bb5bc0ad3e2283fcd71d

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1661073605834&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.18.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-18-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
trinity.json
apex.go.sonobi.com/ 		95 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%227273efb73680a68%22%3A%22951d83dd852c9348161e%7C728x90%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&s=8e371f44-c577-435e-b98e-eb8ad665689e&pv=f441b191-4a92-4404-bf78-2cdc31a2e3a4&vp=desktop&lib_name=prebid&lib_v=6.24.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22e90af49d-cbd1-47b0-bf2e-101c4210c384%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e90af49d-cbd1-47b0-bf2e-101c4210c384%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=grandoreiro%2Cbanking%2Cmalware%2Ctargets%2Cmexico%2Cspainsecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7e94b917096e9189b4a686b3a131c39d286622f789e63e53da1d3c0560d60ff5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-44
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969105017575db4f32dc2eda5c0067&pos=pixfuture_network_news_728x90&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8a98b9e85a32f0ea51e5689e3dc97e22547ed77ed064e7b7d25368c57339b578

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
content-length
62
auction
prebidserver.pixfuture.com/openrtb2/ 		154 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
54b769ffd161d9e25cee72fe6a5bcddccd8c6b69ce7e852876cfaa9f80fb2296

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
154
expires
0
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1661073605896&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.18.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-18-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.47.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-47-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:05 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0e6928be1932b5b6f9cf73cc080536daad46427f8246e7e1e70e437857c30d9d

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Sun, 21 Aug 2022 09:20:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2d8bf28ddf859a0072cd4bca62306d8c8ac626f25da198576cce43f343ee74a7

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d3424abc-7735-4381-a419-0c72f17cc05d&nocache=1661073605898&id5id=0&pubcid=e90af49d-cbd1-47b0-bf2e-101c4210c384&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=300x250&divids=24270x300x250x4142x_ADSLOT1&aucs=&auid=540580840&tps=bXlrZXl3b3JkPWdyYW5kb3JlaXJvLGJhbmtpbmcsbWFsd2FyZSx0YXJnZXRzLG1leGljbyxzcGFpbnNlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9Z3JhbmRvcmVpcm8sYmFua2luZyxtYWx3YXJlLHRhcmdldHMsbWV4aWNvLHNwYWluc2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
27857e1c5c4c5e53017945fdfe2e64067d3819b1a456a724ac751aad8dd7a352

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:05 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7740a41c-67ba-49ab-ac74-331b33336545
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.24.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
4bb2063016321cf32f53e00789010d39d04824e948e1e671c1311029680d86be

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:05 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
x-sovrn-pod
ad_ap7ams1
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969105017575db4f32dc2eda5c0067&pos=pixfuture_network_news_300x250&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8aafe47e123591210b0d915e947e5cd944b1a22e7a71cade642c41bf1ccb5c03

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=e90af49d-cbd1-47b0-bf2e-101c4210c384%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&tk_flint=pbjs_lite_v6.24.0-pre&x_source.tid=d3424abc-7735-4381-a419-0c72f17cc05d&l_pb_bid_id=9729104c727cd97&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23266131584922434
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
18b94eb1fd3f3cb573e453362c7982056ac788c200994529301fae75512992dd

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		30 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%229980bfcaf221f8d%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&s=3a6ffa7f-f9d3-4c3d-b160-962a790d88dd&pv=f441b191-4a92-4404-bf78-2cdc31a2e3a4&vp=desktop&lib_name=prebid&lib_v=6.24.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22e90af49d-cbd1-47b0-bf2e-101c4210c384%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e90af49d-cbd1-47b0-bf2e-101c4210c384%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=grandoreiro%2Cbanking%2Cmalware%2Ctargets%2Cmexico%2Cspainsecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-18
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:05 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vAcJi3xIRlVDZmpybUx4YjhxVVF5ZjBORG5CMmxJQ01nZVRUVDNyN3BENUNLNGhDdEw3MEYxVEVLQVg2UFRvVDY5N1BxdDNBRndud2hCelRhWnp4dmJOU1BlUTVhdXdhU0JnL0VISERtNWlzT2VlekpEVG1aUFpVWVE1Z2xqQzAxZmhzRGw2QTgrWWlOdzU5TTBJQ2k2cWp4L3BnWFBFbEoxRTNZdFNDNC9nb0RmaWkyY0ZZeDBMTWRlc0NDOVAwR2NzSFpTNUk1THRBSjI1Tk9SUTAvL2R2a3JDeXJJaGdtSzl5RW5ZOFhwRTNJdGQwPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 21 Aug 2022 09:20:05 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1306
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame 8C98
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5c36160fa1462f5a1d9fc2cec5a710af5a9a39e96e951d9a4bcaa46053761d3f

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 21 Aug 2022 09:20:06 GMT
expires
Sun, 21 Aug 2022 09:20:06 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sun, 21 Aug 2022 09:20:06 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601
ptag
a.audrte.com/ Frame 8C98 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.165.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-165-20.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d1614c2d6b1d27bd1f42aa1405e7c00c241c3c23eb7063aa00de4b9c58bcc1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:06 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
um
u-ams02.e-planning.net/ Frame 8C98
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D17ac4f1943b63098%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=17ac4f1943b63098&uid=355593504253381223
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=17ac4f1943b63098&uid=355593504253381223
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
5.178.65.245 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
55f298ab-fa19-4849-b128-10193e52fe39
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=17ac4f1943b63098&uid=355593504253381223
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 8C98
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D17ac4f1943b63098%26uid%3D%24UID&partner=eplanning
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253De64f73568d2b3c34%2526f...
0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253De64f73568d2b3c34%2526fi%253D17ac4f1943b63098%2526uid%253Dua-5ccc5590-f076-37da-b2eb-548172a66aa4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-29
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253De64f73568d2b3c34%2526fi%253D17ac4f1943b63098%2526uid%253Dua-5ccc5590-f076-37da-b2eb-548172a66aa4
pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
usync.html
eus.rubiconproject.com/ Frame 0EF1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 09:20:06 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 Aug 2022 09:20:06 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
r.casalemedia.com/ Frame CC4C
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f447ce9eeb2f17b03a29b369670fb8042f4cfa7b4fd8c439a5d2935fca66e5cb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e24a782caf5bf5-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 09:20:06 GMT
dropped-udsids
39|241|230|45|65|191|17|8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HIqFoScXd4wtqTHdunWMkFvKkHfX9nqqRplw%2BjfoYYTOU%2FCQyBrJMjBGDBhIqFWTewIZgQgIxIKIaC5g6cHXLbeH%2B%2B1xorBBHZrEw3247n8yTAXJ4LjoNBKNj%2BjiH5%2Ffv1x"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73e24a77a88f9019-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 21 Aug 2022 09:20:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yzP9clpkRN6m0tDTPuxExhYzZ8toacWpYLm3lCIWIwYvZ6mtjIfpieqDvVqPxDH%2BSdUcbGRwIkH0tPMslE4SjJKkhefQvTrUFcvi5GKiokwGOmyLZHhaA0DChM5FkBCB%2B6ZP7LS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 579E 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
137109
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 21 Aug 2022 09:20:06 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
d98e71a7e30a145b3ecd3e18f71c6824
x-cf-tsc
1653097467
x-cf1
29080:fB.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 5B05 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 56D8 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc05ed3f9e6c4c6e31ab08882887d99ba7f5fb2ef6121b3feb66cf9089c48b01

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
73e24a77ab1a9bc8-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 09:20:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
getuid
ib.adnxs.com/ Frame 56D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 56D8 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=c0ab74fc-ee9d-403a-abc8-d0fea689ad19&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=c0ab74fc-ee9d-403a-abc8-d0fea689ad19&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a796db49bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=c0ab74fc-ee9d-403a-abc8-d0fea689ad19&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 56D8 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 56D8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 56D8 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1661073607.529888,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4081-HHN
u
dmp.v.fwmrm.net/ad/ Frame 56D8 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:ba15:f8ca:726:bfa6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 56D8 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1%26reqId%3D29f348c5-e548-441b-67f1-eea921dd7bb7%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=1509ccc8-4865-4832-951e-0536c08e25ef&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=1509ccc8-4865-4832-951e-0536c08e25ef&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a7a6f519bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=1509ccc8-4865-4832-951e-0536c08e25ef&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=69592146284420961523433012912715034395&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=69592146284420961523433012912715034395&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a79ce629bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v038-0a54615c3.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HjQbqK/AQSc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=69592146284420961523433012912715034395&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 56D8 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022082118-49274-0.053204001661099637-ee67d3a0c1343215bc3fc22c3d09aa71&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022082118-49274-0.053204001661099637-ee67d3a0c1343215bc3fc22c3d09aa71&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a798de99bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022082118-49274-0.053204001661099637-ee67d3a0c1343215bc3fc22c3d09aa71&zdid=533&env=mWeb
Date
Sun, 21 Aug 2022 16:33:57 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7134256814033729691&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7134256814033729691&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a798de69bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7134256814033729691&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Date
Sun, 21 Aug 2022 09:20:06 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 56D8 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=KrT8JWwvXYQRWLici8aejO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-44...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=KrT8JWwvXYQRWLici8aejO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a7a2eed9bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
last-modified
Sun, 21 Aug 2022 09:20:06 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=KrT8JWwvXYQRWLici8aejO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 56D8 		0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a7ae81e9bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.0.115
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-D5Jx0PpE2or0zj3oLsWZkXqHPGA.wEUK_g--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-D5Jx0PpE2or0zj3oLsWZkXqHPGA.wEUK_g--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a7aafaf9bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
http/1.1 spdc0104.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-D5Jx0PpE2or0zj3oLsWZkXqHPGA.wEUK_g--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MjjoqVWHhTgC2XRSL6KOjM7elgk%2FeiqE%2BS41iYitP1U%3D
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MjjoqVWHhTgC2XRSL6KOjM7elgk%2FeiqE%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a78dcdc9bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MjjoqVWHhTgC2XRSL6KOjM7elgk%2FeiqE%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame 56D8 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1661073606
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 56D8 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YwH4xgAIBgMJVwAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YwH4xgAIBgMJVwAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&_test=YwH4xgAIBgMJVwAK
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a7b18769bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661073607.878606,VS0,VE0
x-served-by
cache-hhn4045-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YwH4xgAIBgMJVwAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&_test=YwH4xgAIBgMJVwAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=7ee06301-f8c6-4c00-846a-f8a8c809a4d5&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7ee06301-f8c6-4c00-846a-f8a8c809a4d5&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a7d9cf39bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Sun, 21 Aug 2022 09:20:07 GMT
Server
MT3 4494 7cf1da7 master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=7ee06301-f8c6-4c00-846a-f8a8c809a4d5&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sun, 21 Aug 2022 09:20:06 GMT
usermatch.gif
beacon.krxd.net/ Frame 56D8
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1661073607
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
date
Sun, 21 Aug 2022 09:20:06 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a002-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 56D8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
106NB063CC28W8JX24BT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
90GTBJV5SXKSX3D59ZXH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 56D8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2...
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2Q6Y9NW21YG3YS8SDM1Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZCD341KHB1WZXQ87FKPT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 56D8 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 56D8
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D5d9...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73e24a7bda119bc8-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
date
Sun, 21 Aug 2022 09:20:06 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 56D8 		557 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c40804f07bc6f71839859f835d049a312eba550cf1ea74483217d094222cf4cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e24a787c579bc8-FRA
date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
casale
match.adsrvr.org/track/cmf/ Frame CC4C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame CC4C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwH4xlHxavl_PMSUvJcpJAAABGIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwH4xlHxavl_PMSUvJcpJAAABGIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwH4xlHxavl_PMSUvJcpJAAABGIAAAIB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YV9BABJJPZVCWB6RXRNA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VSB6G09556BV2FMJ4JAZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwH4xlHxavl_PMSUvJcpJAAABGIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC4C 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwH4xlHxavl_PMSUvJcpJAAABGIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CC4C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YwH4xlHxavl-PMSUvJcpJAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YwH4xlHxavl-PMSUvJcpJAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJykYbOSoZWMMIWJ0-yyNbo&google_cver=1&gdpr=1
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJykYbOSoZWMMIWJ0-yyNbo&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e24a79db3b9944-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vcgYWCmHx46zzc2bk2OAN3jvwAib1EbWLoqnjGdRltC4k8SMJhvTMXJc7ChFSc53pLQ5mjTPa4xn05EuQsQ%2Fsy5SrQJtNyrHL%2BZhWjxr54NzPNKiRosrxq5S8AQj9PzkEfv%2BzZ9NU314Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJykYbOSoZWMMIWJ0-yyNbo&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame CC4C
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661160006&gdpr=1
43 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661160006&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e24a7a9e219070-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D84V%2BNooq1Ei2Ip1LgAgp2anNSEfRb0oU1oUTqdcpX%2BGlQztXRvFBqoJ0afXElvBSNCU17%2Bozsj6pkkC1kCFJY%2BX%2Bh0l%2B3dFGIZr9stdUxesoAceY5p2KhH%2BJWGg8AAO%2Bya2eCfS"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661160006&gdpr=1
pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame CC4C
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d9c2a880-70d4-0ba8-985faab1
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d9c2a880-70d4-0ba8-985faab1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e24a79db3f9944-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZH50n%2Fcf1qbWJxX9Va8PifRkmBdQJHmM5ow6ia7StNDVqMIOWFoknBwW9LNChHVHR25dWLhyitWwZlN2wFPGdwiI0iDFR10LZXNAt9037zWZKJkhOnDAv4WeuCaeK4D7hXLIRJH5JEn%2BIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d9c2a880-70d4-0ba8-985faab1
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame CC4C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e24a7badcb9944-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 09:20:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPc8%2FXihwoPQM%2F%2B%2FOLd5%2FhNrf3NVRunDV80DpZVB3HWSTdB7pUz5tzWSCVjYzYVd2MdWpp4xqqwyqE%2BlqvXRrP0LMoBx%2BkufpjsPKpsziAJYqPKao6cWuPRctlMe0Eov2nD2CL1XuTLmpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame CC4C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=602023df-1e57-46dd-8490-9cdca2a8924c&expiration=1692609606
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=602023df-1e57-46dd-8490-9cdca2a8924c&expiration=1692609606
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray
73e24a7acc9c9944-FRA
pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=so4Ez4sZiqdXaz27L6lPZrEfv7NO2cpw9YQJQkyMnc8sdQ3e4ICM4LffTwI91d4SWOhNga6pw7hwllbSJ57AiFbtdtz7O%2B0h7K5jWx6sguMMpYPHx%2B1Gz3zATLVVe41P7gkJHcQE5By%2BgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=602023df-1e57-46dd-8490-9cdca2a8924c&expiration=1692609606
date
Sun, 21 Aug 2022 09:20:06 GMT
server
Kestrel
content-length
0
um
u-ams02.e-planning.net/ Frame CC4C 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=17ac4f1943b63098&uid=YwH4xlHxavl-PMSUvJcpJAAA%261122
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D17ac4f1943b63098%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
server
openresty
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 0EF1 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66704
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Mon, 22 Aug 2022 03:51:50 GMT
cmp
spl.zeotap.com/ Frame 56D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
73e24a78bca89bc8-FRA
date
Sun, 21 Aug 2022 09:20:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0EF1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu&khaos=L734C586-6-L70F
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D8BD 		101 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44864624b0d07caca2b0f5dae3c25159dc0206cc4ac125f61ab4e463a40692dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36029
x-xss-protection
0
server
cafe
etag
2311947451666991328
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:20:06 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:06 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FAC6 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cba4f09b5fd00dab72d1cd402f55cd5742d8ec9c448a131b376edf55d63d0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40300
x-xss-protection
0
server
cafe
etag
1824534000135997629
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:20:06 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:06 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9C5A 		0
0
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:06 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C526 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46443e7bcbf4d3c09857f19d067719ef9e1d77102b54024ff97019e153df6bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40305
x-xss-protection
0
server
cafe
etag
14744593277837155439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:20:06 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:06 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0EF1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5kBee3XHR--m7ibJ1nXtrg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5kBee3XHR--m7ibJ1nXtrg
43 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5kBee3XHR--m7ibJ1nXtrg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AV72MR6XX67QK922M2JG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5kBee3XHR--m7ibJ1nXtrg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0EF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczNEM1ODYtNi1MNzBG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczNEM1ODYtNi1MNzBG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDczNEM1ODYtNi1MNzBG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 0EF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L734C586-6-L70F
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L734C586-6-L70F
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EA127AB32D9D4D0DB06F261E03CFF456 Ref B: FRAEDGE1510 Ref C: 2022-08-21T09:20:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXmvNZIA+8MO878JSveEw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L734C586-6-L70F
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 0EF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L734C586-6-L70F&sigv=1&esig=2~da40d2acda75a2a3c96ec49d51c7114991a5ff90
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L734C586-6-L70F&sigv=1&esig=2~da40d2acda75a2a3c96ec49d51c7114991a5ff90
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L734C586-6-L70F&sigv=1&esig=2~da40d2acda75a2a3c96ec49d51c7114991a5ff90
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0EF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzY5NmUwZjFlMWI5ODIzZmZmYWIzY2QyYmI5ZDMwNTFmM2IwOTgxOA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzY5NmUwZjFlMWI5ODIzZmZmYWIzY2QyYmI5ZDMwNTFmM2IwOTgxOA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzY5NmUwZjFlMWI5ODIzZmZmYWIzY2QyYmI5ZDMwNTFmM2IwOTgxOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 0EF1 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0EF1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5lZOgIGuRdeZgN0glSKVcA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5lZOgIGuRdeZgN0glSKVcA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5lZOgIGuRdeZgN0glSKVcA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5AVCHPHZFVRNMBCVQYB7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5lZOgIGuRdeZgN0glSKVcA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0EF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ApFOx5ScOqAr10Oegac7yQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7369290301688837111
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7369290301688837111
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

date
Sun, 21 Aug 2022 09:20:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7369290301688837111
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame B566 		627 B
544 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 21 Aug 2022 09:20:06 GMT
etag
W/"62ec189b-273"
expires
Fri, 20 Aug 2027 09:20:06 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 342A 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 21 Aug 2022 09:20:06 GMT
etag
W/"601b131c-27c"
expires
Fri, 20 Aug 2027 09:20:06 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame DDB4 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D17ac4f1943b63098%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Sun, 21 Aug 2022 09:20:07 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BDKzhyh
x-77-nzt-ray
C+VHXmRxuYw
x-77-pop
frankfurtDE
x-accel-expires
@1662110407
x-cache
MISS
setuid
prebidserver.pixfuture.com/ Frame B722 		0
465 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AKRJQgZawetfIN2w
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sun, 21 Aug 2022 09:20:06 GMT
expires
0
pragma
no-cache
vary
Origin
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ Frame D8BD 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68519228e434605b231a755ef888366a63fdab471a63db9795b74802529717e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122626
x-xss-protection
0
server
cafe
etag
16728885645023042582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:20:06 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ Frame FAC6 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf81393689082851bf3e656f638c0d3a7d199f4923998e8e38c56f49dc498b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122625
x-xss-protection
0
server
cafe
etag
15353385688089822270
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:20:06 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ Frame C526 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31069049
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa212b69ac7d5ddc2db783bb42fd09b34f58504e2e5bfa9f3ccbd37bda2bbb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122735
x-xss-protection
0
server
cafe
etag
12649176875000214229
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Aug 2022 09:20:06 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame B566 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 20 Aug 2022 11:54:21 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
77146
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
VZWxvtFWxmRfQw8Y1TQmkq005ciLeDL4sxQ9Wl51HSKtUcoQAJhE-w==
GS.d
js.cookieless-data.com/ Frame 342A 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1661073606834
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:06 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame B566 		155 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Aug 2022 02:12:23 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
age
25664
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
9U_z71tDQ2aEepnuLGfkBsCSvcujZzBMbhtfWkZQGZz1fGIIpvduVg==
cookie.js
partner.googleadservices.com/gampad/ Frame D8BD 		222 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
6c95704e131d255dcdbceccc0d77ca6b483ff9b380f8fa069ae1e9da7f58d23e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame D8BD 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D8BD 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6743 		66 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a2266a6cd9cf3085446536a8b14e74cc5448a232fc47f9ead17ac0c22b0d42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
26179
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:20:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
data
bcp.crwdcntrl.net/6/ Frame B566 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.61.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-61-76.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.27.50
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
cookie.js
partner.googleadservices.com/gampad/ Frame C526 		222 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
0f7eb16734f3561661ea64d1775723e86d1ce5a79a0ce4aee36ae2f716bef22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame C526 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C526 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A7AB 		65 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b5442914c910a99307d022d95e7335b497d05c7eef1442cb3e971d6c15572d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
25925
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:20:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame FAC6 		222 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
36857f6727abbaf2086d5bfb60ea9f3d7beda614763335d9142ba52a74e2a929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame FAC6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FAC6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
afr.php
served-by.pixfuture.com/www/delivery/ Frame ED5E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696135&pi=t.ma~as.Internal_300x250_0._&w=300&lm...
  • https://served-by.pixfuture.com/www/delivery/afr.php
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/afr.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
64c41a6752147d6209ab9377bd28d1970be83a0a8d8617dfa4ea8dddf0516194

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800 public, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
expires
Tue, 23 Aug 2022 09:20:07 GMT
pragma
no-cache
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:20:07 GMT
location
https://served-by.pixfuture.com/www/delivery/afr.php
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ptrack
a.audrte.com/ Frame 8C98 		368 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.218.19&p=M1353665098&artime=2022-08-21T09:20:07.482Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGcHJlYmlkc2VydmVyLnBpeGZ1dHVyZS5jb20lMkZzZXR1aWQlM0ZiaWRkZXIlM0RlcGxhbm5pbmclMjZnZHByJTNEJTI2Z2Rwcl9jb25zZW50JTNEJTI2ZiUzRGIlMjZ1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=c2VjdXJpdHlhZmZhaXJzLmNvLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.165.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-165-20.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8d6d6c4aa52f3ed5bd1b3b8ed78cf17ea829d69b611c67450cbf482c65c73405

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
261
checksync.php
contextual.media.net/ Frame 7336 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f94dff235b65488e759488b869b0000a2a17bf9e13f184289795e2ff65a803c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8304
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
expires
Tue, 23 Aug 2022 09:20:07 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5290 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
16318
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:20:07 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 241848
X-Served-By
cache-lga21925-LGA, cache-hhn4051-HHN
X-Timer
S1661073608.634755,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4583 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
16317
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:20:07 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 239949
X-Served-By
cache-lga21925-LGA, cache-hhn4055-HHN
X-Timer
S1661073608.634444,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 956E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Aug 2022 09:20:07 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 836C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=61208
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 02:20:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1ECC 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 Aug 2022 09:20:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
check.html
biddr.brealtime.com/ Frame 515A 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
2969
CF-Cache-Status
HIT
CF-RAY
73e24a7ffd51bbf2-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:20:07 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Sun, 21 Aug 2022 10:20:07 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
TZDfxO4uwORNUA/4irnRs9qqp9lI3eH+ruz8qqqAX5jBwgQ1rzgBbhsPKs2FgAnYzrbwWSW5JnM=
x-amz-request-id
15DYQDFYDGXZWWWF
pd
u.openx.net/w/1.0/ Frame 6DAB 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 Aug 2022 09:20:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A533 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=61208
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 02:20:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 43E5 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
2394
CF-Cache-Status
HIT
CF-RAY
73e24a7ffbfc90fe-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:20:07 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Sun, 21 Aug 2022 10:20:07 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
checksync.php
contextual.media.net/ Frame F824 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f94dff235b65488e759488b869b0000a2a17bf9e13f184289795e2ff65a803c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8304
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
expires
Tue, 23 Aug 2022 09:20:07 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame B286 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f94dff235b65488e759488b869b0000a2a17bf9e13f184289795e2ff65a803c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8304
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
expires
Tue, 23 Aug 2022 09:20:07 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame A573 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 Aug 2022 09:20:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 436A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=61208
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 02:20:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D277 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
16318
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:20:07 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 241021
X-Served-By
cache-lga21925-LGA, cache-hhn4070-HHN
X-Timer
S1661073608.634448,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1BEB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
16317
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:20:07 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 239950
X-Served-By
cache-lga21925-LGA, cache-hhn4055-HHN
X-Timer
S1661073608.634734,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2ACA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=61208
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 22 Aug 2022 02:20:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 7619 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f94dff235b65488e759488b869b0000a2a17bf9e13f184289795e2ff65a803c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8304
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:20:07 GMT
expires
Tue, 23 Aug 2022 09:20:07 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
check.html
biddr.brealtime.com/ Frame BFAC 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
2394
CF-Cache-Status
HIT
CF-RAY
73e24a7ff85f9193-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:20:07 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Sun, 21 Aug 2022 10:20:07 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
pd
u.openx.net/w/1.0/ Frame A0E4 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 Aug 2022 09:20:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ssc-cms.33across.com/ps/ Frame 5DAB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
server
33XP002
x-33x-status
2000208
check.html
biddr.brealtime.com/ Frame AC13 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
4986
CF-Cache-Status
HIT
CF-RAY
73e24a7ffc9e5c56-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 21 Aug 2022 09:20:07 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Sun, 21 Aug 2022 10:20:07 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
css
fonts.googleapis.com/ Frame 6743 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 09:02:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 09:20:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 09:20:07 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 6743 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 09:17:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 6743 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 09:19:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 6743 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 09:17:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6743 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:20:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 6743 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 09:16:24 GMT
l
www.google.com/ads/measurement/ Frame 6743 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHDZ6pDRLJPrZajKnTY6zA48etMkY7rRtClxAx72fg4cGXqMCULwwxdwqy1OWkuJDhYhmK-3eU8mYYccB3gg3qFlNlTA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame 6743 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 13:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 03:40:59 GMT
css
fonts.googleapis.com/ Frame A7AB 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 09:12:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 09:20:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 09:20:07 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame A7AB 		2 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 09:17:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame A7AB 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 09:19:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame A7AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 09:17:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A7AB 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:20:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame A7AB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Sep 2022 09:16:24 GMT
l
www.google.com/ads/measurement/ Frame A7AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRS3X60m0kso7c8jVIRrfD_8Q4WVPyqwWklFaJp6TJXx7WRWT6O3ULLcn1E-YYnzJLsbUwn2yiXaMalHpNYL1bpfyj80g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame A7AB 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 03:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 13:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 03:40:59 GMT
vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:07 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:07 GMT
vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:07 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:07 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/18191073910819778309/ Frame A7AB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18191073910819778309/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6d01d7502929152b26588e18ca73dc256b6d71aceae75c282cabfdece1183ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 22:19:37 GMT
x-content-type-options
nosniff
age
385230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
last-modified
Mon, 17 Aug 2020 17:39:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 16 Aug 2023 22:19:37 GMT
usync.js
eus.rubiconproject.com/ Frame 956E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66703
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Mon, 22 Aug 2022 03:51:50 GMT
p
a.audrte.com/ Frame 8C98
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4490363118202122320
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.0.165.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-165-20.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 21 Aug 2022 09:20:07 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 8C98 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=7d0jcryHYraTcimEJzMK1n9AA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:08 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 8C98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=7d0jcryHYraTcimEJzMK1n9AA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=7d0jcryHYraTcimEJzMK1n9AA&gdpr=0&gdpr_consent=&google_gid=CAESEP-DcbgBZmtjuhn_9yNgSPw&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.0.165.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-165-20.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 09:20:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 21 Aug 2022 09:20:07 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
async_usersync
ib.adnxs.com/ Frame 1BEB 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a2fbc031-4aaa-4042-9d9f-8db1e0588134
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D277 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6399dce7-c922-4870-81f9-8e5f4ec11015
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4583 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
da95e3a2-0b42-4f9c-9b77-d05f3180ac3e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5290 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:07 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
53d6b4de-1771-4dbd-85ef-cae5c262269e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 004E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 09:11:16 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1586 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 14:32:04 GMT
etag
48472445140208031
expires
Sun, 21 Aug 2022 14:32:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B49E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 14:32:04 GMT
etag
48472445140208031
expires
Sun, 21 Aug 2022 14:32:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6743 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f71501c523e41e5919ebe413ecda4bf259adcf9e81c65b5960c834bd862d928

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6743 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 20:36:54 GMT
x-content-type-options
nosniff
age
304994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 20:36:54 GMT
truncated
/ Frame A7AB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bd59176579fabab1b5182bd230360b8b4a0026646b82b2980dbc2fa690ddfa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A7AB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:39:45 GMT
x-content-type-options
nosniff
age
492023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 16:39:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A7AB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:44:52 GMT
x-content-type-options
nosniff
age
491716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A7AB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
483133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 19:07:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 836C 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73452358&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:06 GMT
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FAC6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b585d8a61ebab54f1198cdbaa551a91c4621d5dbe479bf66f45bbf43e650d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11085
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 1586 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE_UoQ8kk2l1stYben0ztHQ&google_cver=1&google_push=AehlK4BVYbtxJo6sZtIBOu9zzL4OlnWEO9JtSisDXfUF2YblLtPrAox61xq2MJmex6OeTGHQYgvdzv0oxIzDF-ti2TDBMaUNu2Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1586
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFqN74HUvcqBOaftpHlILLQ&google_cver=1&google_push=AehlK4DSlZ96S7Fk1b-At4Dhah19G_ybPspUGjraaa2UJ_l8-hV4DtNZpQ9iRwJxCFZ9hywgGJypy2QtSLA...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DSlZ96S7Fk1b-At4Dhah19G_ybPspUGjraaa2UJ_l8-hV4DtNZpQ9iRwJxCFZ9hywgGJypy2QtSLAq2eMYnex60Woz_ro&google_hm=NRHqfPFtQtWZGrHp6JEcqBM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DSlZ96S7Fk1b-At4Dhah19G_ybPspUGjraaa2UJ_l8-hV4DtNZpQ9iRwJxCFZ9hywgGJypy2QtSLAq2eMYnex60Woz_ro&google_hm=NRHqfPFtQtWZGrHp6JEcqBM
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DSlZ96S7Fk1b-At4Dhah19G_ybPspUGjraaa2UJ_l8-hV4DtNZpQ9iRwJxCFZ9hywgGJypy2QtSLAq2eMYnex60Woz_ro&google_hm=NRHqfPFtQtWZGrHp6JEcqBM
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1586
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBnXe0krRVqDKr4hRJdjSlU&google_cver=1&google_push=AehlK4AqrcoblRXPnrfT8lB0NgbpsFlFRzUjrzehk-y9Wa2Q0u9lenjG9UYus076qFjx0YM_nWhnkwXxct...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBnXe0krRVqDKr4hRJdjSlU&google_cver=1&google_push=AehlK4AqrcoblRXPnrfT8lB0NgbpsFlFRzUjrzehk-y9Wa2Q0u9lenjG9UYus076qFjx0YM_nWhnkwXxct...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AqrcoblRXPnrfT8lB0NgbpsFlFRzUjrzehk-y9Wa2Q0u9lenjG9UYus076qFjx0YM_nWhnkwXxctwW7ve9bfiGoGKTLMs&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AqrcoblRXPnrfT8lB0NgbpsFlFRzUjrzehk-y9Wa2Q0u9lenjG9UYus076qFjx0YM_nWhnkwXxctwW7ve9bfiGoGKTLMs&google_hm=
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Aug 2022 09:20:08 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AqrcoblRXPnrfT8lB0NgbpsFlFRzUjrzehk-y9Wa2Q0u9lenjG9UYus076qFjx0YM_nWhnkwXxctwW7ve9bfiGoGKTLMs&google_hm=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 1586
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMp4AU4y2psLdCFobF2_Re4&google_cver=1&google_push=AehlK4B96jJVL6meCOsNlGZrEWjwGg3mKkN_MHIKFamvK9l3qThJ7lxyJYHhst1BtS8J5CO-awsy3Zp4tIKTlExU6VKe...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMp4AU4y2psLdCFobF2_Re4&google_cver=1&google_push=AehlK4B96jJVL6meCOsNlGZrEWjwGg3mKkN_MHIKFamvK9l3qThJ7lxyJYHhst1BtS8J5CO-awsy3Zp4tIKTlE...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5123196423003052253&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4B96jJVL6meCOsNlGZrEWjwGg3mKkN_MHIKFamvK9l3qThJ7lxyJYHhst1BtS8J5CO-awsy3Zp4tIKTlExU6VKepczuZ20&google_hm=ZVatHxC6QJWVubquYKfXhw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4B96jJVL6meCOsNlGZrEWjwGg3mKkN_MHIKFamvK9l3qThJ7lxyJYHhst1BtS8J5CO-awsy3Zp4tIKTlExU6VKepczuZ20&google_hm=ZVatHxC6QJWVubquYKfXhw==
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4B96jJVL6meCOsNlGZrEWjwGg3mKkN_MHIKFamvK9l3qThJ7lxyJYHhst1BtS8J5CO-awsy3Zp4tIKTlExU6VKepczuZ20&google_hm=ZVatHxC6QJWVubquYKfXhw==
Date
Sun, 21 Aug 2022 09:20:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame 1586 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4D_EpcK4HkMtE7NWu7JpOxG4c_PVhHa91L8wCgpCFjzOWvFPKd6gbyTqncDFBowGa2P7oP6Jy_fEpcOBrdm_Vc0P_vRvg%26google_hm%3D%5BUID%5D&google_gid=CAESEEvXf5w8_Cnxb_TGo92XL0E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:08 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-29
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
match.sharethrough.com/E4rooAtA/ Frame 1586 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFN-YQQrAVMpWXZopgIkPi8&google_cver=1&google_push=AehlK4CZHCFsJqc_zz-wINjfKp8GxOwt9RXAbRM54ehpUigUDYIolQ1_HIkd2rdmAd2iogpydVyuuF32XEPKR01ctPThGVvSrqc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.208.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-208-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
0.gif
id5-sync.com/i/495/ Frame 1586
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJJkKRsQyCdAdoUW0r9I-gE&google_cver=1&google_push=AehlK4CvIo5tUUm5NO2TsZ6WRWX7jBqVCxpjWaHijrwTvK2-0eIF44uxvbCJaBUdRsgrlBqj35SC94pZfkpllfAfDz_7cYdUHPA
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4CvIo5tUUm5NO2TsZ6WRWX7jBqVCxpjWaHijrwTvK2-0eIF44uxvbCJaBUdRsgr...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4CvIo5tUUm5NO2TsZ6WRWX7jBqVCxpjWaHijrwTvK2-0eIF44uxvbCJaBUdRsgrlBqj35SC94pZfkpllfAfDz_7cYdUHPA&gdpr_consent=&gdpr=
Protocol
HTTP/1.1
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Sun, 21 Aug 2022 09:20:08 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4CvIo5tUUm5NO2TsZ6WRWX7jBqVCxpjWaHijrwTvK2-0eIF44uxvbCJaBUdRsgrlBqj35SC94pZfkpllfAfDz_7cYdUHPA&gdpr_consent=&gdpr=
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
270
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame 1586 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpfUUwQy7eUmHPduNaaB-2HEtq4qEMTjuZN_UIlxbsKPe8NwxpzSRmkPlfCOm85CMcrD12glo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame B49E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXdINHhnQUlCZ01KVndBSw==&google_gid=CAESEPYhM3etPyKfJCF-YxyjtHI&google_cver=1&google_push=AehlK4D_HeIreMIuf8WF8ql-hXIiIjatka...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXdINHhnQUlCZ01KVndBSw==&google_gid=CAESEPYhM3etPyKfJCF-YxyjtHI&google_cver=1&google_push=AehlK4D_HeIreMIuf8WF8ql-hXIiIjatkaM7mZ1o8bAoE5NCPGGjqrMpxx0dKlk4HA8wbblFNkqL3F5Ax78WrwccYgar7jZkFA
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661073608.320299,VS0,VE0
x-served-by
cache-hhn4045-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXdINHhnQUlCZ01KVndBSw==&google_gid=CAESEPYhM3etPyKfJCF-YxyjtHI&google_cver=1&google_push=AehlK4D_HeIreMIuf8WF8ql-hXIiIjatkaM7mZ1o8bAoE5NCPGGjqrMpxx0dKlk4HA8wbblFNkqL3F5Ax78WrwccYgar7jZkFA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B49E
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAoMgcKiYq770yqFF7r_40E&google_cver=1&google_push=AehlK4AlvUU_PdGTNGs5N_Gi914gnMI5Gr54tUQItsuaJgpr_ongzKh4-YXdlMhxEDv2gtnG0QATsqRPV-TJwtSpRxlPrBpxjGE
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30ACEDFE20DE4C1F9DE0EB9B5ADDD25C&google_push=AehlK4AlvUU_PdGTNGs5N_Gi914gnMI5Gr54tUQItsuaJgpr_ongzKh4-YXdlMhxEDv2gtnG0QATsqRPV-TJwtS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30ACEDFE20DE4C1F9DE0EB9B5ADDD25C&google_push=AehlK4AlvUU_PdGTNGs5N_Gi914gnMI5Gr54tUQItsuaJgpr_ongzKh4-YXdlMhxEDv2gtnG0QATsqRPV-TJwtSpRxlPrBpxjGE
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Aug 2022 09:20:08 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30ACEDFE20DE4C1F9DE0EB9B5ADDD25C&google_push=AehlK4AlvUU_PdGTNGs5N_Gi914gnMI5Gr54tUQItsuaJgpr_ongzKh4-YXdlMhxEDv2gtnG0QATsqRPV-TJwtSpRxlPrBpxjGE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 20 Aug 2022 09:20:08 GMT
pixel
cm.g.doubleclick.net/ Frame B49E
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEHZ5Qj01oIBZ4xRxV8QX3KI&google_cver=1&google_push=AehlK4BKAzZlN9r-_zZErEiGTYdemJ6hir_FnzlFbEuwhMWpvgch36wtDN1h1RqxkIuO6uPX21eSGiv5JLPr_gIUyn0NHyNwfyo
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEVCQUFDQTc4NDFEODlEQg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEVCQUFDQTc4NDFEODlEQg==
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MEVCQUFDQTc4NDFEODlEQg==
date
Sun, 21 Aug 2022 09:20:08 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame B49E
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEHN8iSr5N0Jnp5slynpkgVo&google_cver=1&google_push=AehlK4Aies1xuX-1nbjJrTj_gQiW7mH5jrqh3HuypNiqmO-nKrV-w8UqC7f1dox6L6oXyhS7MnIX9lQQwmE...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AehlK4Aies1xuX-1nbjJrTj_gQiW7mH5jrqh3HuypNiqmO-nKrV-w8UqC7f1dox6L6oXyhS7MnIX9lQQwmEmpjWyWQPX1d4kbok
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AehlK4Aies1xuX-1nbjJrTj_gQiW7mH5jrqh3HuypNiqmO-nKrV-w8UqC7f1dox6L6oXyhS7MnIX9lQQwmEmpjWyWQPX1d4kbok
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AehlK4Aies1xuX-1nbjJrTj_gQiW7mH5jrqh3HuypNiqmO-nKrV-w8UqC7f1dox6L6oXyhS7MnIX9lQQwmEmpjWyWQPX1d4kbok
Date
Sun, 21 Aug 2022 09:20:08 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame B49E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJxrmPqL84FEglF7oHbN2Lo&google_cver=1&google_push=AehlK4CBjxFaVv8w_p9PAzC5zzWooRBc1vW2E3E5QNURm2oFbz-NZgKkaHeYLDiOnDyw18_3C6yeSjstWtcc...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CBjxFaVv8w_p9PAzC5zzWooRBc1vW2E3E5QNURm2oFbz-NZgKkaHeYLDiOnDyw18_3C6yeSjstWtccUS6xweZfOTcp9Ms
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CBjxFaVv8w_p9PAzC5zzWooRBc1vW2E3E5QNURm2oFbz-NZgKkaHeYLDiOnDyw18_3C6yeSjstWtccUS6xweZfOTcp9Ms
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CBjxFaVv8w_p9PAzC5zzWooRBc1vW2E3E5QNURm2oFbz-NZgKkaHeYLDiOnDyw18_3C6yeSjstWtccUS6xweZfOTcp9Ms
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame B49E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBjp0o7nALZUmFSmbQigpNw&google_cver=1&google_push=AehlK4CTqmL5R_SfGoIBUgAOusAKARGqOMdlZDNaXS8LlIC1X0vb7ru2SrQ8nsqAp9kuLhrg2H...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1keS5tTW9aRTJ1RXhXUUY5aGYwX1RIZFQ5MHZJdDVWY35B&google_push=AehlK4CTqmL5R_SfGoIBUgAOusAKARGqOMdlZDNaXS8LlIC1X0vb7ru2S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1keS5tTW9aRTJ1RXhXUUY5aGYwX1RIZFQ5MHZJdDVWY35B&google_push=AehlK4CTqmL5R_SfGoIBUgAOusAKARGqOMdlZDNaXS8LlIC1X0vb7ru2SrQ8nsqAp9kuLhrg2HbJq4Us2P1v_RkB1xL4pwrpUAxR
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1keS5tTW9aRTJ1RXhXUUY5aGYwX1RIZFQ5MHZJdDVWY35B&google_push=AehlK4CTqmL5R_SfGoIBUgAOusAKARGqOMdlZDNaXS8LlIC1X0vb7ru2SrQ8nsqAp9kuLhrg2HbJq4Us2P1v_RkB1xL4pwrpUAxR
date
Sun, 21 Aug 2022 09:20:08 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B49E
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEK2E8ALdWMJCbxasPmCzsKc&google_cver=1&google_push=AehlK4AgnruXYH3d0uh-8SSjaVGM1KqPHHROkL-6qS2pC8Eo6ynxAKAobtkVi-0y1fnZ_eN1DAzsr0RMsjdwZHLWmlihdC1uPgK4
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZjZmZDFjZWQtNmYxYy00ZTg5LWE3OWYtYjAwNjFkZGUzNWM2&google_push=AehlK4AgnruXYH3d0uh-8SSjaVGM1KqPHHROkL-6qS2pC8Eo6ynxAKAobtkVi-0y1fnZ_eN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZjZmZDFjZWQtNmYxYy00ZTg5LWE3OWYtYjAwNjFkZGUzNWM2&google_push=AehlK4AgnruXYH3d0uh-8SSjaVGM1KqPHHROkL-6qS2pC8Eo6ynxAKAobtkVi-0y1fnZ_eN1DAzsr0RMsjdwZHLWmlihdC1uPgK4
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZjZmZDFjZWQtNmYxYy00ZTg5LWE3OWYtYjAwNjFkZGUzNWM2&google_push=AehlK4AgnruXYH3d0uh-8SSjaVGM1KqPHHROkL-6qS2pC8Eo6ynxAKAobtkVi-0y1fnZ_eN1DAzsr0RMsjdwZHLWmlihdC1uPgK4
date
Sun, 21 Aug 2022 09:20:08 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame B49E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J474sCJw1LgPmZZso0vgKKwz-vs1qD_fk98AxbEimV2_NErMB2zqb4dpbJYJys53YPwJj4SX4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame C526 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89747a0a7e041e4a430d32196cb20b2148985588b361ab548070d4082f50087f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11102
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D8BD 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebbe0a8ecb0f66a41de6dde57bab5e298d454849b22547f287edc915b0080788
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 09:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11155
x-xss-protection
0
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 11E0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696132&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1661073607&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606803&bpp=11&bdt=225&idt=189&shv=r20220817&mjsv=m202208170101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=1&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1317411967&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=801&biw=1600&bih=1200&isw=320&ish=50&ifk=4014878424&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069049%2C31068921&oid=2&pvsid=48139986351422&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hvvep06cq2u&fsb=1&xpc=KypgjUnSeZ&p=https%3A//securityaffairs.co&dtd=203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 05:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
272523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:38:05 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 004E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:20:08 GMT
expires
Sun, 21 Aug 2022 09:20:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:20:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 30D3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696134&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1661073606&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F134651%2Fcyber-crime%2Fgrandoreiro-targest-mexico-spain.html%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661073606723&bpp=11&bdt=170&idt=238&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=2895955439298&frm=21&ife=1&pv=2&ga_vid=2048833461.1661073605&ga_sid=1661073607&ga_hid=1841966388&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=475&biw=1600&bih=1200&isw=728&ish=90&ifk=4000786101&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C31068737%2C31068944%2C31069004%2C31062931%2C31068921&oid=2&pvsid=2713396581185611&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mwpifzmda02t&fsb=1&xpc=dUXXmj6WFR&p=https%3A//securityaffairs.co&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 05:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
272523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:38:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FAC6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:20:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C526 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:20:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D8BD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 09:20:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 845A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36978
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 23:03:50 GMT
expires
Sun, 20 Aug 2023 23:03:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DD12 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f7a78fee4d1ed83556b084c4adedbc153ab3ca053e8a15f2b6ea5aef06dd5f5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f5alsNoP6bAR3xJ9g4x7sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-f5alsNoP6bAR3xJ9g4x7sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:20:08 GMT
expires
Sun, 21 Aug 2022 09:20:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E88 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36978
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 23:03:50 GMT
expires
Sun, 20 Aug 2023 23:03:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F1D2 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c5d35da3833e9dfbdad9298da1448acedfeb788908596e103c01088f43edc64d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U-o92EfxZVeYFTvpHZQuVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-U-o92EfxZVeYFTvpHZQuVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:20:08 GMT
expires
Sun, 21 Aug 2022 09:20:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4E1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36978
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Aug 2022 23:03:50 GMT
expires
Sun, 20 Aug 2023 23:03:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 11DB 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5e7543905b7516c92333a7f7aa4087f2d62f9b6890b65449850ea10c95ec753b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EGNOF7Aur-auC5fSSXFDFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-EGNOF7Aur-auC5fSSXFDFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 09:20:08 GMT
expires
Sun, 21 Aug 2022 09:20:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 845A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 05:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
272523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:38:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DD12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=48139986351422&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F1D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=2713396581185611&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 11DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=1132270297930393&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 5E88 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 05:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
272523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:38:05 GMT
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame B4E1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 05:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
272523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 05:38:05 GMT
um
u-ams02.e-planning.net/ Frame DDB4 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=17ac4f1943b63098&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D17ac4f1943b63098%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Sun, 21 Aug 2022 09:20:08 GMT
server
openresty
generate_204
tpc.googlesyndication.com/ Frame 845A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?sCKIxQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
async_usersync
ib.adnxs.com/ Frame 1BEB 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:08 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
27150795-765e-4f01-b083-7ff090414326
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D277 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:08 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
04962502-2708-4005-aa6b-6afbe21c24f4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4583 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:08 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a3f1b154-68ab-43c2-9507-98a33ae5b548
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5290 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Aug 2022 09:20:08 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b3feaf63-af45-4c15-b056-ad5e2af250d2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame B4E1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dwP0VQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5E88 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uPGThw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C526 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=48139986351422&bg=!Z2SlZCDNAAYUOm8VNDo7ACkAdvg8WsM3UfkSso2GFwRcO40vnsPkuV8e-F5hitz2oEYdLQ3x0iJd2AIAAACLUgAAAAJoAQcKAHfaoio84rjpxwc7ZVjSMcN-WzSgvdpcq3G18GNYH3y2D3lrpV-fF5V8YxB3YLMPfMSuihk9uggv8AZooB2z6IBGnz_fY_46hpc3CqDdUgCG-KW-UkzPke_VSFd0V5ZEIFRkejrPfp9w-NEAG93uioMWyb7FHCGMbZkC9IEDCnVb03jWWAsorUcmXfbmIjBfw_3rnMFthkwUIIY4n2RcjzTrxeBRX3c3htOIMDjMG-wDUn9BuS_sBjsVM7u0OZga7SmFPxPbAnRdQ1p_uuL20q_H0XKELZUwn8ak9v_sKqCNfL7nlkfSAJIUvI4GubfC0hUyh2nvzeB7B9miAbhgBHrYevWWeWF_c4dobwjx7t0SId0QQmFmT_Ft1UYFimsAGD9bk-bXgqQkJ-GKFb3trNSubpbe8MiTSM8fD7MLm6bst_FupanLxiDym3EcIK7exXdsd3P2px9paIYQno_F73C2E-qWWlJAmrxGXvBLqoUFOcyphPdo_MVD8FFsso0k-nuImpLwpB_VPj14uDL7lMgqBwtMo-5Um29nS4XtrYOouErHsTfeBDCFF6hsRiYS-jHBeZkE6jC-g_4zgl7oZ5CJKuhuGz6OmWsiGHDnX2kgVvhXBcruRH-HjCzE_m1evTQkuD7m2x5vaaTrBZRXJpoMnTE70aviLxJos8TWQ30yOCiiWr34HE783czMKT9A8b_6rKWIofNzDneZ_N9puBdgpySpneuHD7jR6eRG1Bo6zkQE_qHQaz45yN9LP0DgI1JwYJBKxk67zWL2pHbwZLjS9hs0eMg3b_glwcqfPjt_2rV9URT1jbIvTLCPp2F889GTFAA9CghkfwULGk_63ww_d78vssujGy0UWEvReoEDR7-yWMFlBOsdeYJGF4xh6CDRVdd8zMKvKs-4Q-xegaf3Ay33iTrHTeX0AUYM8mUt1QoMdPHKVWF2ga0MevWp9SvbCSBfc0qyvEHZ0Xk7h3QNAinPDRHKCq-rH0KjfVyGPHO1rvJppoCqCcWixZQ4IvzuJGqW3vE9v67QJfhSJJ22GP-H_q52iZc55x43S_qWNxlNXmzsh7wpNZI9chz83D_HprfRNXJtN2TaOZ012PZYF9kW7r-8vjdVKgHkfFZjizMjI8N3y4WZ79rdqnX-09A-5wKDJgo0H-DPbivkxA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D8BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=2713396581185611&bg=!fH-lfzvNAAYUOm8VNDo7ACkAdvg8Wpg4EbfqPeKwCQN3wxu5qchw1n0uG5PPyJ-DrOT_IylqdroU3wIAAACTUgAAAAFoAQeZAuUDvscxBqkiWH0X-NzkwtXjBWIEEeD-NOvhXDGnrOSys7a_n_GDokHowhmaxjKBnE8wTHLmY-10VMLc3zacNo9vG_UybSPCyFyTRyTrTjLeE9wiOp6VrvgPfjWkKD93IKsp4INKm-6n_nCNBsKx51N14gvUDAYPg1ZVXTG95IdGPbmDKKsBj_fg9xOgFtCbO5TOCXAMVaZPJ-wV7M4voQ-DPn47XKe8f6hip056SdzbtDviY-wg2GuEkIyhVgQ23NmPSReJ9eLm6hRBAvPq3dQmWFrclrZxGlZHIDKnmZl3FgU___dp_oj-_t52w6QRWMCv_Ak8oANcy_tFnrflMf05YF_Z-Moe1Ne1LImKbTPBFAaoeggg3lht3zRR_BUOt47wiMnyyW0Hs8h1Xgmw30f9VLSTHbrjUHd8s0GPYDsstEY_5_2o-NH75BF54xB9DyqEtd8aTdhYW2ZTbYnJ0_2I9bhs02_nI78o109aw3WXyqSKofKszBr2kDnNlKhPKDchmeCMdBrH1jfa-ayBd2-MBo_kCTx0mn704zPIzRYZvNnozysVzkntYiIUf6L4TafNVxibljKL1gdZm0QRfy2YoOOCTFqr99mzjGlEEh3Ti2qAEu7Y3jGMqbHCoKnRi70BCi-yhzAXqXeCZ3_adNd2cRklFjDRHjR-mqfbxROZrzUUfU6RmCwc_2DF_t238-kT_Yf-A_fP2GsZRp0z1_CTE1G6N_dKASf1gPY7QbTPmErIVpDu5BRr3vFD_B7bdknPhMPjL-OTFGID496mazmIvutkGpvQpJA-90pY1t99lRDFEagS6YFSyXgtYqRC65AlPKSnStIlF2c_TkAzL5f54aChbiKlcJy5nLa3UpWHgUw9Ccy4p63KdIeISgoJgGvpmnA2kPU2dqng-p4ebC_5THmakAA35STqD3GHKAEVQwTtcWuaM5a1yHJLDc1Qg4D3B-ju5iVpluMW022QQoaefUhjWYI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FAC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=1132270297930393&bg=!3d6l3prNAAYUOm8VNDo7ACkAdvg8WkS-0wPEdPzp_dhCfpPXkFyClGvxagbetutSLPRa6uUkjbR4tAIAAAB8UgAAAAJoAQcKAE-u5pVoliqadDslsMdtAB6BzObU6YRcYNIgiMtBE_Hb0LECKAvI0oWCgOuip8Q7Sl_yW_2utY0_UtAUPdeqeLwxPGLr6AvK59JPiZRqzJg2mQLfKVeuVRkVu3kp8NTXZ0jLQB0bufLgP--QA3N4XEK9G7lh2fR9w2-ulMMQjqvB2ZJ1iP2IdjCTwL4x6uhvaF9beu36IHglm-1Aix5h2tuoulASPapTPaQxmn80Q0bGHg6UO6BfTajcYZxIgJOLHdCHP1T86Q-54fMgkKMxVFgSqU1tmvy71iNviwTm8zkYUvtWjuz2JbBx3mM0r4oPMlJNpw6Ye7bUcX4H6VZWwh3QaZX5rBq6aqjGeMzhJ6Tm7c5WlXV3K_-3NptmHXpPzb3GCrE3ExKKtAIRda-btW2GiROMtxyE0YEFwKyD5wCb6d1hNFoF-aqIIzNBmVI1FJy8lJmjbe5n47bcnn2KdLT7dR0-dxX_P7Z08E1MRJrEg-Ehl4MSZV4_AL8BRKtYc6e08Bpl60QXsDh79cQtqECqSd3sMTBRl-Sv9_-xRP_ZvJIeaJsvUIcHfmwjQlnRuj6Z9SVpHXuUo0byxWoL1ZKd6xM4hCiLG7f5kqPPVUimkYdQWQJoJ3IFtCeMnphm_9ntu3oG3tEUvBTehJlM3paEL7_Wg6TVmBNhO1DUeb3nem6bZUEKHuSxpG7KuSUdAaWEzUvtka02jtirBzTnSRTacps0gGztCvxvfTuDTds8B6auSfvQWgEkY6NM4Ch9Nu1IYpv728sm29vZcv6haYH4_sp66ikTxHRVyQT-V28kAoM6_A89Y3bZbGWxBwCaNM3krwY4qi0gDT42aty8kQdeG7cYxY4Sey4qAZux8Q0au5LxMidGdI32pQ9o5CqK3U5JcVY51hbO__NhII6q6a0jwVwGfGyDTRJUbNq0xe6CXE_T1HoTN-sCL2T9zaC44wnefIOPwJUNHtHI1WIfFJJkK-MCWkQEdcR4x3NqHiWUehjjLO23akzpeM8E0m0MYqZWkS5Nr15M1v8FHLe7mfrbtaLN_9I97ztObkTezr9mAEs4Y5InWy6y_YqVlf5GfTek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame A7AB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk5gjuYoibx7jWrBFd7Hk1O5bcp0U6t90Okr5hobr-JMn-_28R82vbfVZjsHo-gYu1wQBbho7eJbXcFjEd80tl1PMcSiSrn-usOLliyNFKbbxb6uaUU1cttWA7IE36W_FvqRLZCgZ2BLA_&sai=AMfl-YSpQzQDbfcc0HfLxHUr16nnaC2uR6v1hbcUYd3TsMc_Uxv-oT9iLU1kMiP6RGySH5ry9ZUstx38PrFl1TC9TIDcwLXgO9s_Jxc&sig=Cg0ArKJSzN2iZtQXkJaEEAE&cid=CAASF-RoX5CXN2HqwzJrDu0gQC2V2ahf6d03&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=468307373&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661073607007&rpt=1310&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6743 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstARfeYjBn49lS2FnQ_FR068LsPf_jprWa1sVgW2c8h1PiTTOjSihD4CkSm3ZKuNwKRCy8lwNuQKsaTb_6W-ySri6pxUxTuMkEdTDbL0I-ZLpMQna_012Pc-UkMtT-fsaBEP4W2ooDmR4To&sai=AMfl-YR50TCKWNmQtFekp2_zXup-Uhx0oanzddYLdS7T3Nw1bXlcYq4CWPTQ04aseZ-MRd_SVTF5xao61v-E9LyIaRb4nLLidFy9vTo&sig=Cg0ArKJSzHWkRamDl63LEAE&cid=CAASF-RoiBnlchPLrQ3BfgzKCJL9UyFpRakg&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1194620937&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661073606977&rpt=1352&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 09:20:09 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 23 Aug 2022 09:20:09 GMT
300x250.png
cdn.pixfuture.com/banners/ Frame 6602 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/banners/300x250.png
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6251b4b4525b9007511a48a6cda9a168f07ff77ccc4dd75759486af624a13301

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 09:20:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
163590
content-length
45195
last-modified
Wed, 03 Feb 2021 20:39:58 GMT
server
cloudflare
etag
"601b0a1e-b08b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMraPrnnluz8txJY91dl0kWgU5TRXrhvob5405V5AcQ5Zc%2Bfolzu8ba3IShrnxo%2FjW4Tzizu9JQvWi8%2FosqVcxIqKgEqEkH7DHOQVxDG1r2kVOfGLm6DWLwvje2OGugnCMhSscW56cqPD12vKYPM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=172800, no-transform
accept-ranges
bytes
cf-ray
73e24a8be86c9107-FRA
expires
Sun, 21 Aug 2022 11:51:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=a27a5f2dbcd76fca02b031770446541d
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=a27a5f2dbcd76fca02b031770446541d
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=a27a5f2dbcd76fca02b031770446541d
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=a27a5f2dbcd76fca02b031770446541d
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| mnetCustomerData function| injectMnetScript object| _mNHandle string| medianet_versionId object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion string| refQuery object| stLight boolean| st_showing object| st object| __stdos__ function| __sharethis__docReady object| __sharethis__ string| GoogleAnalyticsObject function| ga object| dataLayer object| _mN function| logFailoverPing object| WPCOM_sharing_counts object| click_object object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| _stq function| st_go function| linktracker_init object| wpcom object| wp object| twemoji object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager boolean| isPending string| prebid_file function| findCMP_PixFuture function| onYouTubeIframeAPIReady object| pbjs_pixChunk object| pbjs_pix object| _pbjsGlobals object| mnet object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

96 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: d6fcca85-21c5-4abe-9a14-80f416f05121
securityaffairs.co/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.co/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.co/ Name: _gid
Value: GA1.2.1197736727.1661073605
.securityaffairs.co/ Name: _gat
Value: 1
.securityaffairs.co/ Name: _ga_P62M3QN974
Value: GS1.1.1661073605.1.0.1661073605.0.0.0
.securityaffairs.co/ Name: _ga
Value: GA1.1.2048833461.1661073605
.agkn.com/ Name: ab
Value: 0001%3AorNs%2F3oAHiOpJ20FNizPP5hjA0bMxYiU
securityaffairs.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.securityaffairs.co/ Name: _pubcid
Value: e90af49d-cbd1-47b0-bf2e-101c4210c384
securityaffairs.co/ Name: _lr_retry_request
Value: true
securityaffairs.co/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Hc$a>7YE!1yIE'Yg-$0y=/d!!'6Z$Xx-M
.adnxs.com/ Name: uuid2
Value: 355593504253381223
securityaffairs.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-21T09%3A20%3A05%22%7D
.rubiconproject.com/ Name: khaos
Value: L734C586-6-L70F
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrVep0DGuU00rU1ZxogGjlwOA+xFj1I9sd0zdRXVxf6zAqhaLoaiVan5FGfGNePc3/th4iWCi6WjspbV3mhqimWXjmaZkH7bMyyqVI1k5poNA==
.securityaffairs.co/ Name: cto_bundle
Value: zXXZPl9mS240QUlCV2lVcVhMRGNzZjRxMW90eld0a2pCJTJCMHpCdnFZZ1pmTk5yN2N1cHhFR2VTOVZMRUtscDYlMkZwM05Dc2tFUlVqcUtOSUtFVmdUbnElMkYyUXRMQUI5TlN3VGNhS0hDTVVWUW9XNXRNSU5QckolMkJTJTJGaEphRnV0STZuS2RnOW4
.securityaffairs.co/ Name: cto_bidid
Value: 53Xv1l9NTzBGWERWZ0xmYUhLSWU1VmVZMkU4cGdqOHJQdEgyOTFTS0I5dWt0cmU2Q1phdGVFeUhqNEJEc2hZYVhSa2l6ZWVzOEgzbWQ3Nmlac1duNTdiT3E5dyUzRCUzRA
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AKRJQgZawetfIN2w
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s8718|YwH2T
.casalemedia.com/ Name: CMID
Value: YwH4xlHxavl-PMSUvJcpJAAA
.casalemedia.com/ Name: CMPS
Value: 5172
.zeotap.com/ Name: zc
Value: 5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1
.zeotap.com/ Name: zsc
Value: q%5B3t%95l%0E%7D%C2%80%DB%1C%DF%FC%F80h%10%D8b%AF%17%A7%A6%C2%972Rc%F5N%D6%EF%2C%CFF%99%26N~%96%06%92%FE%F5%F5%A1%9E%D7%8E%B8%91x%0A%E2%DF%98N2%A8%17s%BF%90%E0%B5o%81%DE%D3%9A%26%89%DA%23fRMn%5ES%9B%FFct%5C%7Dy%FCN%27%9F%B6+%B4%D9WP%A0%15t%1E%5D%94k%CA%89%90%CC%E47%E5I%3C%08%D5%02%8E%F8e%15%07%EE%A1A2%B6Qk%24%95%24%A0%86%83%88hQ%E98B%02%C3%01%F5%98%AEg%00%D9%B4a%2Fu%3D%F3m%AB%A9%CB%98%0CV%A8V%29O%C0
.casalemedia.com/ Name: CMPRO
Value: 1122
.casalemedia.com/ Name: CMRUM3
Value: 086301f8c605a00&f16301f8c605a0&116301f8c605a0&bf6301f8c605a0&e66301f8c62760&2d6301f8c605a0&276301f8c60b40&416301f8c605a0
.casalemedia.com/ Name: CMST
Value: YwH4xmMB+MYA
.tapad.com/ Name: TapAd_TS
Value: 1661073606534
.tapad.com/ Name: TapAd_DID
Value: c0ab74fc-ee9d-403a-abc8-d0fea689ad19
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adfarm1.adition.com/ Name: UserID1
Value: 7134256814033729691
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-5ccc5590-f076-37da-b2eb-548172a66aa4
.demdex.net/ Name: demdex
Value: 69592146284420961523433012912715034395
.weborama.fr/ Name: AFFICHE_W
Value: Ijeb1XuuhYsi63
.brand-display.com/ Name: _knxq_
Value: d9c2a880-70d4-0ba8-985faab1.1661073606.0.1661073606.1661073606
.dpm.demdex.net/ Name: dpm
Value: 69592146284420961523433012912715034395
.doubleclick.net/ Name: IDE
Value: AHWqTUn3eOiUY3oFblbsuY5-uxhrChG4q2uG4xpx5b4uIConZ_j5ZC40QIbQtq4WclA
.theadex.com/ Name: axd
Value: 4303313174668382678
.theadex.com/ Name: tis_bgL
Value: bgLeAooz
.tidaltv.com/ Name: tidal_ttid
Value: 1509ccc8-4865-4832-951e-0536c08e25ef
.richaudience.com/ Name: avcid-zeo-uid
Value: 5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjI0szK0MAIA7cPNbwkAAAA="
.krxd.net/ Name: _kuid_
Value: PB_RwBCg
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
prebidserver.pixfuture.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQUtSSlFnWmF3ZXRmSU4ydyIsImV4cGlyZXMiOiIyMDIyLTA5LTA0VDA5OjIwOjA2Ljc2ODEwODc3WiJ9fSwiYmRheSI6IjIwMjItMDgtMjFUMDk6MjA6MDYuNzY4MDg3NDQ0WiJ9
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 602023df-1e57-46dd-8490-9cdca2a8924c
beacon.lynx.cognitivlabs.com/ Name: ss
Value: bzv%2BFnRpO2g8veHz%2BcZo%2F8h0Yc0iSSX8QHO5xsogpfOkMSmPT5OvTljgpNTMJ2ycxmYKIErqoqNN2vIhI%2BVKYQ%3D%3D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YwH4xgAIBgMJVwAK
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e484e37f-ba5c-463c-8026-faa49b4a9b86"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjEwNzM2MDY7MjswMjFxiFMkh1J5XLlldaE3DujHJhQafOVOiy8RsiiyO8EQWQ==
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2687:u=1:x=1:i=1661073606:t=1661160006:v=2:sig=AQFI8UTHFAbQ6cLOOEJlLM2KOZYLp7tF"
.yahoo.com/ Name: A3
Value: d=AQABBMb4AWMCEESZeYYCDsQVEsVclgOE1PMFEgEBAQFKA2MLYwAAAAAA_eMAAA&S=AQAAAuWYQe-TeLTyCQuaXxCa6-Q
.casalemedia.com/ Name: CMTS
Value: 1174
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.securityaffairs.co/ Name: __gads
Value: ID=9192456b3a80a744-22ec2c27ffcd00fb:T=1661073607:RT=1661073607:S=ALNI_MbuzvtYsmiLief9C7Uy6TAtULxxTw
.amazon-adsystem.com/ Name: ad-id
Value: A-PKfivUJ0T6mz1T-HU4Vo4
.mathtag.com/ Name: uuid
Value: 7ee06301-f8c6-4c00-846a-f8a8c809a4d5
.fwmrm.net/ Name: _uid
Value: "eb5e2_7134256818314184597"
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4490363118202122320
.audrte.com/ Name: arcki2_ddp
Value: CAESEP-DcbgBZmtjuhn_9yNgSPw!20210804!1661073607772
.audrte.com/ Name: arcki2_adform
Value: 4490363118202122320!20210804!1661073607890
.audrte.com/ Name: arcki2_TTT
Value: 1661073607891!7d0jcryHYraTcimEJzMK1n9AA!H4sIAAAAAAAAAEWXOY5lNwxFF6NYAClSU+jAgdGwA8MbEDXsfwk+rwDDSXf9+np65OUdWNJusbN2PuXObC9WnkVXjmn7VDvlaaTZz6zFS+56W/a5Sp6rS7bpcfa+49yedjlTZc6sdUe2dXaO+0ZetusaKmKxU9tz+Tw19zdKtttOnvL4KaRIm3Z0zeS67xLzzCfJfjkZaiV7UXtWVn1akj4vtRzKWdTs0WYehcKixSx3NO86U7SiOo9m3luzt/nyqjro7u5+aPA9TWXP90Ra7jdqtqo3Lw0OUUuLKm/vkaS4214r11lPNt2aR4zI9UivKtrLLOn102PyptuXZx838pC9MjXf0+3xZUl+vb3bZ367Kq/j+3m5+J0mrZms7S2tsU+MOvLl89ddzTFay0VKHUpvYi2VW/eYu+R96d7jckipScaMQW83Xk39WjsXCMqzDs5Gd4N/rLUYV6qcBk5yi4858lkGTrobAw7Lw5e1uRojeMyOutu42WUCe/EKmI8+X6ngIRLL01va6t31u8mznVfzfM1yVR4v42g/BuJjLoUFJ05k93MzSEeO7rtNF1cKdx13GCxqs1PulQdVXHK8ttUDLjgsKCBeZOc+IK0398xTkV85Z5e9ex81HZ/6NugAMdVPezmsSd6Q/MqoXsOSr/nCFrPb42XvzqHxTel2uXK3rRiQbl0ws7yfKq+DngjDsngJaVXu7T21tkuBK7nd1xACA5qVUdYxmfCM6/2kP/7687e/f/3+Ty69fGMVn33STt33IMRpoMcc5g9V0eWYlUnst1sC6m5Dd35vG4ek5mHw9UHDo9UgY6R2O/yDiqp0whzexzI0BJ+mrr2neVqqzd/oGb6gQXQKNyh8iExTWws/SBdVYwOe1zdR70AEAyUv0XUCdMaYCYN4ZXKo2+GQRMvwx/NVCBNQ7L2ThumUVXu+t6DrfhW+avDO3pDp0lJmqsxj63BGZIPCh3GIO6UwvShVzOhuxt5C474qEw3GDoF45to5x2X0fVL/buj18yrjdY4kY9JdbWduH+UDJW1UsEoHx7YR2ikcR6b5voNQhz3xkcyt1YdDbDj1HTpUFx+VoPSd65m+pH5xKbix4CTi/0hdYdld+yKB1lFVKhXACq6H/DjkGNI4QmEwYwS0sW50t2u7K5BHh4pMO2MqOMSAmkHpw2/6zHne6Gjwc63DO9dnSHBY78Nx67zYyH1XfOXd9MNpoGt0keEIvG5xSov0XlNshZd87m07qGkxYBjQXzV77RRuGhC5PNQ4PkOKAh+E2bUnZ7l/npPk1r46w3qz909DHxj2cZj/QkuzddN2ISCUInDLDLQ4BNHBlIkYogikT3qVa6ZFbow0ezXC5PN5fHnFj4oUodEpBCoZnzAgADGqXKgxtsxNXRfEMQ3vcj4H4lCDvtDlQ2SD3PogxbWQ72lUagKLbDPqkPfddPXhUWehax/xogIBWULA+Rdwk5rkBb8+/FwtAXjsKCOXLyV/Ymm1ebPC7oFsazNuEohExuRj5evu4loTJxwmJ6hTx/bkG4/CWnO9a0D0xU2la67PiJGuVcpKgSjLw7CW4BUONfIgzDIm0g0PI1Dozvc54x3A7BhSPYylCbFRQfmdgq2MdDZUV3o6gu68b+5smwAiD/de2nGbZPXqfpA6dkXmpg27ZUq+kHgPmSILuz2jablUcr6AGxgKzpzjXAO5QbkCmI8+1Hjd+7yAFkIGhZMd+znhZCt9jqM8RMriGjZpceL9+Yz+esFSTC83keKnQkq2BuwQySy0CLZv4AO6kXNyQGpTlL3j86fyo2Dlzht3OHlEzUll+dqCHe4HmAfjHPN2jPUihDZOqT2NfYtigLgKUzbWmbw6dhd9Ru8k5baaiNxn4pigcJ1PLH5dJLWFEJcSlXpQcHv1AuZc0JPlhpVj4RqLHi4avtZr2oMHK3z7SI8kSZTVnI+jlG2zIFH7P0zccLrSOaqJdNe1Xsc5/SM2JITJLVcc2E7vqvWliaEKi8y3zHwDZSNZa3FS5igTzwoXYgK5Ft+Z4GHWV1gMGM83+qoz3pCItKkXFwmIT0vOFpbXxE2DsetYhrudJF/64Hp5+iM/+ZmseZ8Yg2DZk9VhpNG2WGH7wKbZM5AWmx38eIudraBQsZ3G7LKCVLvn823cDBchOAmjTmI2vGakIoG5LiX4P9+u1Dw7fe4+EOXhFOtfEzR+frIovsL9wB9gq9OtHONxxnBYGl6dmB4+B12VEAzoRtdEzOOhvlNfJcrGSLGMb9XCA0PQUTs6G+7fammpjWc/6DWOfqlT0Mkk5Ha76pWLoEaNroP98BsGOA1CbH2mRMAfko8NqONsbDch0P2SmJAMiBgnh9hWSvdyY5MAJP1o2CPmDQucjWaed3Ot9+DDEEZrihrf6sQuXuE8iMsXgvjyXNBwmbFDprocBeIIgWHgkU2/Vazlw1oBhr5XKIplivA59/Ip8rNkKF3wyBP+UP9xmFkffdYvqybE7wROOOsbhszajtYI1FTYg0GBNw2074esIXR2LtCbtfcZC076lh8Wy8vr8H1/HJpDbpZGafyOhfKlchbfroZm/Ns2v8x89ftjRlkAK6virKl+u4nub5/7z0jjOfbVWbD5Wwc9yr9yjkgxLA0AAA==
.audrte.com/ Name: arcki2
Value: 7d0jcryHYraTcimEJzMK1n9AA!20210804!1661073608019
.eyeota.net/ Name: SERVERID
Value: 18536~DM
.ads.pubmatic.com/ Name: KCCH
Value: YES
.quantserve.com/ Name: d
Value: EEoBCQH0JoEA
.quantserve.com/ Name: mc
Value: 6301f8c8-57277-b59dc-52451
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~26pl
.ads.avads.net/ Name: av-mid
Value: f6fd1ced-6f1c-4e89-a79f-b0061dde35c6
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 30efac72-3526-43f0-967b-52629ca92fed.430287608
.ctnsnet.com/ Name: cid_3511ea7cf16d42d5991ab1e9e8911ca8
Value: 1
.ctnsnet.com/ Name: gid_CAESEFqN74HUvcqBOaftpHlILLQ
Value: 1
.simpli.fi/ Name: suid
Value: 30ACEDFE20DE4C1F9DE0EB9B5ADDD25C
.doubleclick.net/ Name: DSID
Value: NO_DATA
.go.sonobi.com/ Name: HAPLB8S
Value: s8529|YwH4v
fksnk.com/ Name: AWSALBCORS
Value: HyCwi+5MzTf1wr/Rk2vpcq9zCjH6+/ArBvXh3yoFRhBSmhlEl/gPfc4WeNE+XOMJkyiko6cKdGJSb2rwtkkSiABJG6VP/MXJqQfOqpjg4Bo6EtLxWClnUSwRoRfx
.fksnk.com/ Name: f_001
Value: 0EBAACA7841D89DB
.fksnk.com/ Name: g_001
Value: 1
.bidswitch.net/ Name: tuuid
Value: 6556ad1f-10ba-4095-95b9-baae60a7d787
.bidswitch.net/ Name: c
Value: 1661073608
.bidswitch.net/ Name: tuuid_lu
Value: 1661073608
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmZoYG5sZmBhaWwEAHH-cGEQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjYwMDYwNTIyNRbiM9QtNDd1NjPPciyq8jIEANQU0mAlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjYwMDYwNTIyNRbiM9QtNDd1NjPPciyq8jIEANQU0mAlAAAA

10 Console Messages

Source Level URL
Text
security error URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter(Line 392)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=a27a5f2dbcd76fca02b031770446541d'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter(Line 393)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=a27a5f2dbcd76fca02b031770446541d'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter(Line 394)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=a27a5f2dbcd76fca02b031770446541d'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter(Line 395)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=a27a5f2dbcd76fca02b031770446541d'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://securityaffairs.co/wordpress/134651/cyber-crime/grandoreiro-targest-mexico-spain.html?utm_source=dlvr.it&utm_medium=twitter
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://securityaffairs.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://tags.bluekai.com/site/87734?id=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=5d94aa8b-3c13-404c-5cf6-0d0f2d10f3f1&reqId=29f348c5-e548-441b-67f1-eea921dd7bb7&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.avads.net
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
biddr.brealtime.com
bn01.er.bemail.it
btlr.sharethrough.com
buttons-config.sharethis.com
c.eu1.dyntrk.com
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.pixfuture.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google-analytics.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.e-planning.net
i0.wp.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
js.cookieless-data.com
l.sharethis.com
lg3.media.net
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
maxcdn.bootstrapcdn.com
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pixfuture2-d.openx.net
platform-api.sharethis.com
pr-bh.ybp.yahoo.com
prebid.media.net
prebidserver.pixfuture.com
prg.smartadserver.com
ps.eyeota.net
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
s.amazon-adsystem.com
s.e-planning.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securityaffairs.co
served-by.pixfuture.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum.casalemedia.com
stats.wp.com
sync-tm.everesttech.net
sync.go.sonobi.com
sync.inmobi.com
sync.richaudience.com
sync.tidaltv.com
t.co
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
vid.vidoomy.com
ws.sharethis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
api.rlcdn.com
fonts.googleapis.com
pagead2.googlesyndication.com
104.111.215.191
104.17.120.107
104.18.18.126
104.18.19.126
104.244.42.197
137.184.242.150
141.95.98.64
142.250.186.130
15.197.193.217
151.1.205.165
151.101.65.108
151.101.66.49
157.90.211.246
159.122.14.34
159.65.197.210
162.19.80.92
178.250.2.146
18.198.126.47
184.51.8.30
184.51.9.44
185.15.245.83
185.64.190.77
185.64.190.78
185.86.138.32
192.0.76.3
192.0.77.2
193.0.160.129
20.127.253.7
2001:4860:4802:32::36
2001:8d8:100f:f000::289
205.234.175.175
209.54.182.161
212.82.100.182
212.83.160.162
216.52.2.39
216.58.212.162
23.205.235.133
23.35.228.23
23.35.236.201
2600:1f18:6593:f607:ba15:f8ca:726:bfa6
2600:9000:206f:3a00:c:abe:f440:93a1
2600:9000:225e:9200:3:c04e:c780:93a1
2602:803:c003:200::41
2606:4700:10::ac43:db6
2606:4700:20::681a:644
2606:4700::6812:bcf
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:802::2003
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400e:80f::200a
2a02:2638::1c
2a02:6ea0:c700::10
2a02:fa8:8806:20::2040
2a04:4e42:600::300
2a04:fa87:fffe::c000:4902
2a05:d018:24:b001:736:16ab:a44d:3496
2a05:d018:d29:3605:9ba9:76c9:a8da:3df
3.122.214.165
3.123.47.246
3.126.56.137
3.127.240.71
3.229.243.180
3.66.208.67
3.73.18.26
34.107.148.139
34.111.131.239
34.111.151.213
34.149.20.76
34.199.174.189
34.249.241.1
34.250.36.127
34.98.64.218
35.157.246.167
35.158.200.182
35.186.193.173
35.205.207.25
35.227.248.159
35.244.174.68
37.157.6.246
37.252.172.249
5.178.65.245
5.178.65.252
50.31.142.127
51.89.9.251
52.0.165.20
52.2.211.96
52.204.175.17
52.215.111.225
52.30.61.76
52.94.223.167
54.73.80.98
65.9.66.68
67.202.105.21
68.183.31.14
69.166.1.10
69.166.1.15
69.173.144.138
69.173.144.139
69.173.144.165
85.114.159.93
92.123.9.160
99.86.4.127
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
04fd94272f504c12875a334873f0e6007773345bdb21640768f9193a32d2ee69
054b572fa07decd2b4c51cc54bf29f4b16ebfacea849221e7ba922b76c4b5f29
05fca160dd5ca8a4c9b702768a3f4accd140ad0579bf16dd5f5b2f218e8c755d
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
0900cfb5d1bd1de2899f2fe46fc1a5843d69df0d57584189be067d56098aab74
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0cba4f09b5fd00dab72d1cd402f55cd5742d8ec9c448a131b376edf55d63d0af
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0e6928be1932b5b6f9cf73cc080536daad46427f8246e7e1e70e437857c30d9d
0f7eb16734f3561661ea64d1775723e86d1ce5a79a0ce4aee36ae2f716bef22a
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1267fc6c8805b7f508e04bc8da776509420413adb25e197f12c9f9405c74ac6d
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1709cd39402d83321f6aa7bf2c23e28ed5bf67e2e7528ef1114973731e0d9b4b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18b94eb1fd3f3cb573e453362c7982056ac788c200994529301fae75512992dd
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
1a45780386440e18769363204dc2456da89d7b1a73b5bf267654baa2c7ad3ab5
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1ee43b9f0b9d04dbb343045c231271c35c917319b8d0ac01ec9c0b5cfc8f24e6
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
27857e1c5c4c5e53017945fdfe2e64067d3819b1a456a724ac751aad8dd7a352
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b02c99b94bd29097fd168548bea6dfc28c9ffd3c2d751c1f375c9da902d8f63
2b5442914c910a99307d022d95e7335b497d05c7eef1442cb3e971d6c15572d7
2b585d8a61ebab54f1198cdbaa551a91c4621d5dbe479bf66f45bbf43e650d14
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2d8bf28ddf859a0072cd4bca62306d8c8ac626f25da198576cce43f343ee74a7
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
36857f6727abbaf2086d5bfb60ea9f3d7beda614763335d9142ba52a74e2a929
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d
3bd59176579fabab1b5182bd230360b8b4a0026646b82b2980dbc2fa690ddfa7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
43ec4073d62958c460872f86b38f583f3187995f0147e29144340e6826e05cb9
44864624b0d07caca2b0f5dae3c25159dc0206cc4ac125f61ab4e463a40692dd
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
46443e7bcbf4d3c09857f19d067719ef9e1d77102b54024ff97019e153df6bc0
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a77aa8515e0914305d566f070e6aed1f158741280d2dfb5a9cd6d48c8bb3599
4bb2063016321cf32f53e00789010d39d04824e948e1e671c1311029680d86be
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
4cdecc62f5b2c8e9f7cf7b14b9fd42e0c4787d912c1b71426cdfbe0144cede46
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4f63dd0b61ce04aa584b8e79205835d5efeb64f2d782b6955202bdfe4a53882e
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54b769ffd161d9e25cee72fe6a5bcddccd8c6b69ce7e852876cfaa9f80fb2296
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
5533dd7a9e00db5732c6b6130725d91dd8f294e314c72bc25bb099d87074ff0c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57dfb56268ea657807768b39d3d798dc7333f12b1b437dfeb5c984e33b0b3fd5
5c36160fa1462f5a1d9fc2cec5a710af5a9a39e96e951d9a4bcaa46053761d3f
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5e7543905b7516c92333a7f7aa4087f2d62f9b6890b65449850ea10c95ec753b
5f71501c523e41e5919ebe413ecda4bf259adcf9e81c65b5960c834bd862d928
6030a5f79a90a1d8a7b3824daa9982e3274d88b012806c9db8cc2576d7b58948
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6251b4b4525b9007511a48a6cda9a168f07ff77ccc4dd75759486af624a13301
64c41a6752147d6209ab9377bd28d1970be83a0a8d8617dfa4ea8dddf0516194
64cceeb3c786c3e8477d10446dc4013462fb4c47934d638156e1f0a91fcc075b
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
662c2f0cca89c1f98c91b625ee090539c3967ffed31debc83f323816e690535b
68519228e434605b231a755ef888366a63fdab471a63db9795b74802529717e9
6acaf1e28f06b9575940731ab904b18dde4d2bf52618c42fddb14d0d9b6c028c
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6c95704e131d255dcdbceccc0d77ca6b483ff9b380f8fa069ae1e9da7f58d23e
6d465b21cb400449cd11a03b53bcd10c0319719736294e9a33318172e048ca8b
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1
6eab47c17572a089ad9ceb4c9694a99d7f3ffccd5d1c778438016b1eccdc8f0a
72294b447b5aedc43245b8d5e4b396f849178e8218e77558d60f62d14415832c
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
7b2d40ec02ecfc2753d7f80b0fdb7911692610491edc0540fd5553776b9f054d
7da2c210f5decf1745310ab41268df3bbae82bf2400a3c37427cb48f91a18fb9
7e94b917096e9189b4a686b3a131c39d286622f789e63e53da1d3c0560d60ff5
7f7a78fee4d1ed83556b084c4adedbc153ab3ca053e8a15f2b6ea5aef06dd5f5
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
83e15890610eba9558b1324092ab937f986d7e96abdc03859851d8962e8282f5
84becf2f015e9bab6f2d30d5b618f5f71cb35e27f239b8eaab4206d1a4ac64c4
851917db0c35742b91f0a0989a838bab0d3b9d0861f4bb5bc0ad3e2283fcd71d
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
87c3bba7958aee0c86b6464f6610ec1f7426f272c053e6866b4311f3ca00c180
89747a0a7e041e4a430d32196cb20b2148985588b361ab548070d4082f50087f
8a98b9e85a32f0ea51e5689e3dc97e22547ed77ed064e7b7d25368c57339b578
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aafe47e123591210b0d915e947e5cd944b1a22e7a71cade642c41bf1ccb5c03
8b1477318fe967aa147dcea8d134782e19a9953e7d164654e3a22ddca0862b15
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
8d6d6c4aa52f3ed5bd1b3b8ed78cf17ea829d69b611c67450cbf482c65c73405
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
8f94dff235b65488e759488b869b0000a2a17bf9e13f184289795e2ff65a803c
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
961a3c4b4891f012868919d5e0dd1bd97eae7cc7b6c451f6610f099d8f8f5b53
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b978821f78e7bd3a48e5ae8fd7121a291eec506579406745800ca0590f0907c
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
9c2388c40345a8c9a09e8eb634a72240123f49f4c2b15df11dc05c2982f52f32
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a2266a6cd9cf3085446536a8b14e74cc5448a232fc47f9ead17ac0c22b0d42
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad3fff0bde04c72b2ee221445918f9e96800facd94bf0267f39a1adcc7c4e5e6
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3123e282ab2a36833d085e42a5c76d83bcd42d7b55514f76f17f08b051bf7d1
b6cbf50a677ab3268286839a08e7bbdb253bb59128adde5892cceff8847e3d24
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
ba1c36db133febfbf00fa1ecd29072b2f6b04e07c91e42e85f0757cefd7ec662
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
c09fa9679fb13cb821998f533f0f3b51a4a1756bbc05004aef91f8f217c54712
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c40804f07bc6f71839859f835d049a312eba550cf1ea74483217d094222cf4cb
c5d35da3833e9dfbdad9298da1448acedfeb788908596e103c01088f43edc64d
c71911930f2b85b09af71e058419569d76730aac9de414a7f154034cd32ef749
cd53fcbc0f7560e63a79396f49b2a6b252d472f6da820bb84fe241191b55a87f
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
cf81393689082851bf3e656f638c0d3a7d199f4923998e8e38c56f49dc498b14
d1614c2d6b1d27bd1f42aa1405e7c00c241c3c23eb7063aa00de4b9c58bcc1f8
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e
d6d01d7502929152b26588e18ca73dc256b6d71aceae75c282cabfdece1183ee
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
dda6ad33ac53197002b0e3c6c09f3714a6c79b73969d15666500689d8fc50d3c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e126b6e0601c404cd4b00f921d1db9db664b89b56908c948037d4ae88fdd138b
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e54ab0b3da64d90e95ad4c2ac14ba1227c1e85449424d293f21019575714db7d
e56133c04f85972b45c6f92d98479f656f482365653e107d0c826cc2e507096e
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
e94350d87ee2b24c0cd05c56b32775b1464df9825f003c584eab3cf1497250be
ebbe0a8ecb0f66a41de6dde57bab5e298d454849b22547f287edc915b0080788
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f1f9eda417444f06ef060dd832d8821c84f081a98cdf62acfe981f5554c894dc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f447ce9eeb2f17b03a29b369670fb8042f4cfa7b4fd8c439a5d2935fca66e5cb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa212b69ac7d5ddc2db783bb42fd09b34f58504e2e5bfa9f3ccbd37bda2bbb59
fa9c2d6a10a5eacc2948b77833b0de55683b3e386d1a6a5ba0fd7a714708f46d
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fc05ed3f9e6c4c6e31ab08882887d99ba7f5fb2ef6121b3feb66cf9089c48b01
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdb60418f2e23b359b2ade2aca337dccf02e24215d1a77bb816ba1820e5bbff0