URL: https://securityaffairs.com/
Submission: On December 27 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 100 IPs in 13 countries across 90 domains to perform 410 HTTP transactions. The main IP is 2606:4700:3031::6815:90b, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com.
TLS certificate: Issued by GTS CA 1P5 on December 26th 2022. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 2.18.235.93 16625 (AKAMAI-AS)
5 161.35.253.218 14061 (DIGITALOC...)
14 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
2 3.120.61.137 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 23.35.228.23 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 18.193.95.202 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 141.95.33.111 16276 (OVH)
7 52.223.40.198 16509 (AMAZON-02)
3 5 185.89.211.116 29990 (ASN-APPNEX)
1 162.19.138.118 16276 (OVH)
4 52.28.203.152 16509 (AMAZON-02)
8 137.184.242.150 14061 (DIGITALOC...)
4 34.149.20.76 15169 (GOOGLE)
6 72.251.249.13 32475 (SINGLEHOP...)
4 185.86.137.114 201081 (SMARTADSE...)
4 52.29.128.124 16509 (AMAZON-02)
8 34.98.64.218 396982 (GOOGLE-CL...)
4 2602:803:c003... 26667 (RUBICONPR...)
1 14 185.89.210.212 29990 (ASN-APPNEX)
4 69.166.1.15 27630 (AS-XFERNET)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 34.107.148.139 396982 (GOOGLE-CL...)
6 7 3.126.18.125 16509 (AMAZON-02)
1 2 51.89.9.252 16276 (OVH)
1 52.222.214.123 16509 (AMAZON-02)
29 2a00:1450:400... 15169 (GOOGLE)
2 18.66.112.32 16509 (AMAZON-02)
1 143.204.89.60 16509 (AMAZON-02)
2 18.66.15.32 16509 (AMAZON-02)
1 3 185.172.90.252 49981 (WORLDSTREAM)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 12 52.0.191.77 14618 (AMAZON-AES)
2 185.172.90.249 49981 (WORLDSTREAM)
1 1 52.3.162.137 14618 (AMAZON-AES)
1 69.166.1.12 27630 (AS-XFERNET)
1 35.158.254.41 16509 (AMAZON-02)
1 1 96.16.141.156 16625 (AKAMAI-AS)
4 23.64.52.128 16625 (AKAMAI-AS)
1 3 172.64.154.237 13335 (CLOUDFLAR...)
1 205.234.175.175 23352 (SERVERCEN...)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
9 12 172.217.23.98 15169 (GOOGLE)
3 4 35.227.248.159 15169 (GOOGLE)
3 4 37.157.4.25 198622 (ADFORM)
1 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
1 6 198.47.127.19 3257 (GTT-BACKB...)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
3 4 3.248.100.224 16509 (AMAZON-02)
2 3 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.83 24961 (MYLOC-AS ...)
5 34.252.235.208 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
2 2 18.156.0.31 16509 (AMAZON-02)
1 34.98.67.61 396982 (GOOGLE-CL...)
2 34.248.136.204 16509 (AMAZON-02)
1 168.119.149.178 24940 (HETZNER-AS)
3 3 151.101.66.49 54113 (FASTLY)
1 1 92.123.37.164 16625 (AKAMAI-AS)
1 1 34.207.40.113 14618 (AMAZON-AES)
3 6 52.95.122.74 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
1 1 54.72.55.142 16509 (AMAZON-02)
3 5 69.173.144.139 26667 (RUBICONPR...)
1 5 185.80.39.216 27381 (CASALE-MEDIA)
3 5 52.46.143.56 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 162.19.80.92 16276 (OVH)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
44 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
4 5 69.173.144.138 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 18.66.97.109 16509 (AMAZON-02)
1 13.248.245.213 16509 (AMAZON-02)
1 51.15.145.116 12876 (Online SAS)
4 23.35.236.188 16625 (AKAMAI-AS)
1 67.202.105.22 32748 (STEADFAST)
5 2.18.36.193 16625 (AKAMAI-AS)
2 2 54.81.22.167 14618 (AMAZON-AES)
1 1 185.29.132.241 30419 (MEDIAMATH...)
14 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.167 1299 (TWELVE99 ...)
10 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
5 5 52.212.224.242 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.137.133 201081 (SMARTADSE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.214.223.115 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
2 2 213.19.147.44 3356 (LEVEL3)
1 5.161.54.172 213230 (HETZNER-C...)
1 63.251.232.170 32475 (SINGLEHOP...)
1 1 141.94.242.206 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
1 1 34.111.129.221 396982 (GOOGLE-CL...)
3 4 35.204.158.49 396982 (GOOGLE-CL...)
2 198.47.127.20 3257 (GTT-BACKB...)
2 2 52.30.109.223 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 98.98.134.241 21859 (ZEN-ECN)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 3.122.214.165 16509 (AMAZON-02)
3 35.186.193.173 15169 (GOOGLE)
3 3 52.220.229.2 16509 (AMAZON-02)
3 6 77.243.60.138 42697 (NETIC-AS)
6 6 35.201.96.126 15169 (GOOGLE)
3 185.64.190.87 62713 (AS-PUBMATIC)
3 3 141.94.171.215 16276 (OVH)
410 100
Apex Domain
Subdomains
Transfer
65 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
945 KB
44 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 597
image6.pubmatic.com — Cisco Umbrella Rank: 941
ads.pubmatic.com — Cisco Umbrella Rank: 594
simage2.pubmatic.com — Cisco Umbrella Rank: 852
image2.pubmatic.com — Cisco Umbrella Rank: 1234
image4.pubmatic.com — Cisco Umbrella Rank: 1253
simage4.pubmatic.com — Cisco Umbrella Rank: 1415
aud.pubmatic.com — Cisco Umbrella Rank: 7508
55 KB
36 securityaffairs.com
securityaffairs.com
285 KB
23 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 570
ib.adnxs.com — Cisco Umbrella Rank: 275
acdn.adnxs.com — Cisco Umbrella Rank: 756
85 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 278
90 KB
19 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 592
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1154
eus.rubiconproject.com — Cisco Umbrella Rank: 743
pixel.rubiconproject.com — Cisco Umbrella Rank: 424
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2939
token.rubiconproject.com — Cisco Umbrella Rank: 786
28 KB
18 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 4088
mwzeom.zeotap.com — Cisco Umbrella Rank: 3100
5 KB
18 pixfuture.com
served-by.pixfuture.com — Cisco Umbrella Rank: 44261
cdn.pixfuture.com — Cisco Umbrella Rank: 51101
prebidserver.pixfuture.com — Cisco Umbrella Rank: 55800
508 KB
16 wp.com
i0.wp.com — Cisco Umbrella Rank: 3757
stats.wp.com — Cisco Umbrella Rank: 3525
pixel.wp.com — Cisco Umbrella Rank: 2968
463 KB
12 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2707
8 KB
11 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1030
s.amazon-adsystem.com — Cisco Umbrella Rank: 365
8 KB
11 media.net
contextual.media.net — Cisco Umbrella Rank: 681
lg3.media.net — Cisco Umbrella Rank: 6153
prebid.media.net — Cisco Umbrella Rank: 1734
37 KB
9 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1066
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1192
ups.analytics.yahoo.com — Cisco Umbrella Rank: 368
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 575
3 KB
8 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1764
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 772
7 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 129
www.google.com — Cisco Umbrella Rank: 15
3 KB
8 openx.net
pixfuture2-d.openx.net — Cisco Umbrella Rank: 65277
u.openx.net — Cisco Umbrella Rank: 868
1 KB
7 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1179
tags.crwdcntrl.net — Cisco Umbrella Rank: 1693
sync.crwdcntrl.net — Cisco Umbrella Rank: 1049
18 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 375
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 441
2 KB
6 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 6667
1 KB
6 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1621
4 KB
6 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 6884
s.e-planning.net — Cisco Umbrella Rank: 14191
i.e-planning.net — Cisco Umbrella Rank: 14417
u-ams03.e-planning.net — Cisco Umbrella Rank: 62664
3 KB
6 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4572
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5551
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6576
signal-segments.s-onetag.com — Cisco Umbrella Rank: 9644
18 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 835
2 KB
5 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12761
pixel.onaudience.com — Cisco Umbrella Rank: 4248
2 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 653
2 KB
5 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2890
sync.go.sonobi.com — Cisco Umbrella Rank: 1202
3 KB
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1406
match.sharethrough.com — Cisco Umbrella Rank: 617
672 B
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1847
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 637
2 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 3285
ssc-cms.33across.com — Cisco Umbrella Rank: 1119
884 B
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 433
mug.criteo.com — Cisco Umbrella Rank: 2069
dis.criteo.com — Cisco Umbrella Rank: 890
2 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
136 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
4 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1188
2 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30547
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20138
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 252
4 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 5947
c1.adform.net — Cisco Umbrella Rank: 803
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 556
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 87
region1.google-analytics.com — Cisco Umbrella Rank: 2158
20 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 115
222 KB
3 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3533
2 KB
3 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6056
775 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
141 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 836
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 745
usermatch.krxd.net — Cisco Umbrella Rank: 1773
942 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 9297
loada.exelator.com — Cisco Umbrella Rank: 34641
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 6468
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1055
1 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 615
fid.agkn.com Failed
1 KB
3 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 12849
l.sharethis.com — Cisco Umbrella Rank: 6085
9 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 838
946 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 35349
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 711
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1054
s.tribalfusion.com — Cisco Umbrella Rank: 2371
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6277
562 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 902
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1393
843 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1074
943 B
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1175
sync.mathtag.com — Cisco Umbrella Rank: 579
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1861
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1889
751 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 956
132 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 510
1 KB
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1271
1 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4814
466 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3023
555 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4394
104 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 15024
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1895
282 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8637
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6860
279 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1125
226 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 734
511 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 924
589 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 13005
535 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 461
140 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 659
707 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3301
420 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 43332
214 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 737
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2667
361 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1391
356 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 21143
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 135908
659 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 17505
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 810
166 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1796
527 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1326
406 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1436
6 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
410 90
Domain Requested by
44 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
36 securityaffairs.com securityaffairs.com
21 pagead2.googlesyndication.com cdn.pixfuture.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
15 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
ads.pubmatic.com
14 simage2.pubmatic.com ads.pubmatic.com
14 ib.adnxs.com 1 redirects cdn.pixfuture.com
spl.zeotap.com
acdn.adnxs.com
14 i0.wp.com securityaffairs.com
12 cm.g.doubleclick.net 9 redirects spl.zeotap.com
ads.us.e-planning.net
12 a.audrte.com 5 redirects ads.us.e-planning.net
a.audrte.com
10 image2.pubmatic.com ads.pubmatic.com
8 prebidserver.pixfuture.com cdn.pixfuture.com
ads.us.e-planning.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 x.bidswitch.net 6 redirects
7 match.adsrvr.org cdn.pixfuture.com
spl.zeotap.com
ssum.casalemedia.com
ads.us.e-planning.net
ads.pubmatic.com
6 visitor.fiftyt.com 6 redirects
6 uipglob.semasio.net 3 redirects
6 aax-eu.amazon-adsystem.com 3 redirects ads.us.e-planning.net
ads.pubmatic.com
6 image6.pubmatic.com 1 redirects spl.zeotap.com
ads.pubmatic.com
6 ap.lijit.com cdn.pixfuture.com
5 match.prod.bidr.io 5 redirects
5 ads.pubmatic.com cdn.pixfuture.com
ads.pubmatic.com
5 www.google.com 2 redirects tpc.googlesyndication.com
5 s.amazon-adsystem.com 3 redirects ssum.casalemedia.com
ads.us.e-planning.net
5 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
5 pixel.rubiconproject.com 3 redirects ads.us.e-planning.net
5 secure.adnxs.com 3 redirects
5 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
static.cloudflareinsights.com
5 served-by.pixfuture.com securityaffairs.com
cdn.pixfuture.com
5 contextual.media.net securityaffairs.com
cdn.pixfuture.com
5 fonts.googleapis.com securityaffairs.com
tpc.googlesyndication.com
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 u.openx.net cdn.pixfuture.com
4 acdn.adnxs.com cdn.pixfuture.com
4 token.rubiconproject.com 4 redirects
4 dpm.demdex.net 3 redirects ssum.casalemedia.com
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
cdn.pixfuture.com
4 prebid.media.net cdn.pixfuture.com
4 hbopenbid.pubmatic.com cdn.pixfuture.com
4 apex.go.sonobi.com cdn.pixfuture.com
4 fastlane.rubiconproject.com cdn.pixfuture.com
4 pixfuture2-d.openx.net cdn.pixfuture.com
4 btlr.sharethrough.com cdn.pixfuture.com
4 prg.smartadserver.com cdn.pixfuture.com
4 ssc.33across.com cdn.pixfuture.com
4 c2shb.pubgw.yahoo.com cdn.pixfuture.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagmanager.com securityaffairs.com
www.googletagmanager.com
3 pixel.onaudience.com 3 redirects
3 aud.pubmatic.com
3 cm-supply-web.gammaplatform.com 3 redirects
3 ipac.ctnsnet.com ads.pubmatic.com
3 sync.crwdcntrl.net ads.pubmatic.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 sync-tm.everesttech.net 3 redirects
3 idsync.frontend.weborama.fr 2 redirects ads.pubmatic.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 aa.agkn.com 1 redirects cdn.pixfuture.com
2 pixel-sync.sitescout.com 2 redirects
2 r.scoota.co 2 redirects
2 c1.adform.net 2 redirects
2 loada.exelator.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 gu.dyntrk.com 2 redirects
2 ad.turn.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 ups.analytics.yahoo.com 2 redirects
2 bcp.crwdcntrl.net spl.zeotap.com
tags.crwdcntrl.net
2 dsp.adfarm1.adition.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 ads.us.e-planning.net 1 redirects cdn.pixfuture.com
2 signal-segments.s-onetag.com get.s-onetag.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 onetag-sys.com 1 redirects ads.us.e-planning.net
2 id5-sync.com cdn.pixfuture.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 lg3.media.net securityaffairs.com
2 l.sharethis.com ws.sharethis.com
securityaffairs.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ps.eyeota.net
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 cr.frontend.weborama.fr 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 ssc-cms.33across.com cdn.pixfuture.com
1 js.cookieless-data.com s.e-planning.net
1 eb2.3lift.com ads.us.e-planning.net
1 px.ads.linkedin.com ads.us.e-planning.net
1 www.gstatic.com googleads.g.doubleclick.net
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 u-ams03.e-planning.net ssum.casalemedia.com
1 s.company-target.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 i.e-planning.net ads.us.e-planning.net
1 secure-assets.rubiconproject.com 1 redirects
1 match.sharethrough.com ads.us.e-planning.net
1 sync.go.sonobi.com ads.us.e-planning.net
1 ssp.disqus.com 1 redirects
1 signal-beacon.s-onetag.com get.s-onetag.com
1 get.s-onetag.com cdn.pixfuture.com
1 lb.eu-1-id5-sync.com cdn.pixfuture.com
1 static.cloudflareinsights.com cdn.pixfuture.com
1 pixel.wp.com securityaffairs.com
1 stats.wp.com securityaffairs.com
1 ws.sharethis.com securityaffairs.com
0 api.rlcdn.com Failed cdn.pixfuture.com
0 fid.agkn.com Failed cdn.pixfuture.com
410 146

This site contains links to these domains. Also see Links.

Domain
securityaffairs.co
www.pixfuture.com
www.cssii.unifi.it
Subject Issuer Validity Valid
*.securityaffairs.com
GTS CA 1P5
2022-12-26 -
2023-03-26
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
sharethis.com
Amazon
2022-06-19 -
2023-07-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2022-02-20 -
2023-02-22
a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-01 -
2023-12-03
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-17 -
2023-05-17
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
ssc.33across.com
GTS CA 1D4
2022-11-11 -
2023-02-09
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.sharethrough.com
Amazon
2022-07-14 -
2023-08-12
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.s-onetag.com
Amazon
2022-12-04 -
2024-01-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
ads.us.e-planning.net
R3
2022-12-19 -
2023-03-19
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.audrte.com
Amazon
2022-02-24 -
2023-03-24
a year crt.sh
*.e-planning.net
R3
2022-12-19 -
2023-03-19
3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2022-02-23 -
2023-02-03
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-09 -
2023-12-10
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
dmp.theadex.com
R3
2022-12-25 -
2023-03-25
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-10-19
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-23 -
2023-03-22
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-06 -
2023-09-30
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.iprom.net
R3
2022-12-05 -
2023-03-05
3 months crt.sh
truffle.bid
R3
2022-12-21 -
2023-03-21
3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
eyeota.net
GoGetSSL RSA DV CA
2022-03-18 -
2023-03-18
a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA
2022-09-27 -
2023-03-08
5 months crt.sh

This page contains 76 frames:

Primary Page: https://securityaffairs.com/
Frame ID: 22D0563ECEE4B301E9D40B4BDC258127
Requests: 149 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: 01A1DB3EF0343B2912D16198BC957A6A
Requests: 3 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: F1AD699150145052415E837B4ABF33D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D00452690B6B522A82E13D8DFBBA3C37
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 76D1E1D02C4C21DAA286D1746F7A32D7
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 04962166919CA5244D8AD7F1214ADB6E
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 93ECD1E0DB0EC422B16B4BF5C331AC9A
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 781D248E5776486741F4770F43FBE7DA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Frame ID: 084648A95D31AC645333F023A800EBB1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Frame ID: FD0C94A4D8B0D78AA8BEDF90D4FB500A
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: EBBF5F80EEF00F52A1D02C74507D0F53
Requests: 11 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Frame ID: 7717D9FCEA19595CA6450F159E523254
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 46E73FD76C3D6B144BF5873C41231B82
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 34EE2C524CBE827DA2B328D9B7763ED9
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&cmp=0
Frame ID: 19856265D9C10A0F1FA44114A03B703E
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Frame ID: 54FE12D66766C0821DD0ED99AD5F582C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Frame ID: 4558C72F8D712B73D1C30C9E0775C33E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2DC136FA3565DE04AA157F53A819D2A7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/index.html
Frame ID: 65E3EBA5E5EFB5EE392917709897E92F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 37AB57198299A33FDD51119923253B3C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 67AC085DC3497827DE171A70A2FF560D
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: A27D378114CF80D8C0BC6D07FB2707CA
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 5000E9701919746EBCF67A322CDD0E74
Requests: 1 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=APOm957h9Xhm-kRu
Frame ID: 08D49F7DCADB860CD51D8B83B4AEE9DA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1ACA916BD305EC69526C5031390C7C1D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9BA15F1CDC7527FDF42AA59AE5D6A713
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0BC8F6A2EE761F597AD351326A2D5204
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0F5100A57F6973542D1ED0001EAEC7AC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 582FF513FE5ADE905AC3839DB90487E9
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5856A0CAE884C57DD5EC00E01F4602E1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B72303DAAB3719FF645770B2B1E248AE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13480300
Frame ID: CEBC1B9E53B8D4CF14AD5B526071333E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 136B8FDACF6023785B804E9800EF7FA8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E374E3C047E99472B2C151F1B813C22D
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: AC2685357586B82C48CC84682F234165
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 94734EE687FFF1472B101572F7E72BCE
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DCAFC75F05F00E7C9FA55BA22B23E210
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 0B00746109E075E99DF015610F8E2DA5
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 30BE045391191A64BE83EF1327648C5D
Requests: 6 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13480300
Frame ID: 4EE4C9B556233BB9333D57F5C6529D2B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: A6BBF18370A23CD34ACF918B757C5058
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: F7478F8543B9BA94945756BD72BD7D0F
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 908EBA320BCD56C61B47F659CF0E128F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: CE376DE8DE18071C535827FBAB8574B0
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7029506A8EB12FA6144DDA3B18656FEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4527237290CB0251BDFCB11D7F19013A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7A0EB86265B2CC7EAF2C66A0E2DB17C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00559FC7396014BB5C74FCB34EFCD5BD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0363743BA8471F402DF02638F7A6797D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB2D51555B12E74A0EB2AE4F77B34881
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb&gdpr=0&gdpr_consent=
Frame ID: 4BCA5FC45103B8A47F3ED564E15EEE98
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8566938860017115433
Frame ID: F983CFA5394EAC5F7BEAC7E58C10B63F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1DCC71672453E9952121A53D33D0E40A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A9BCB108-9449-454D-B335-D4070369B19E&redir=true&gdpr=0&gdpr_consent=
Frame ID: 31F41CC5AFA789F263961C5B43CF9085
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3753192772487348625&gdpr=0&gdpr_consent=
Frame ID: 6E16DF3F5F2DFD3C98F1D316EEC3615E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId
Frame ID: 41B7D763AE7CA04DACB7D58BBE43FE54
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181629324047874194&gdpr=0&gdpr_consent=
Frame ID: 50B9AF17AF846D0D1BCB2EC781664817
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7by6K9XLTiJzJjvWci2aQYrHJoU
Frame ID: B14E54DAD5D6E7B3129A3E9FDAD8C98E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAL4nE7HVIwAAB8ZijCz8A&gdpr=0&gdpr_consent=
Frame ID: E8EF553FA77A6417B84D0E90419DFF4E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6pF0gAGgYicXwAe&gdpr=0&gdpr_consent=
Frame ID: F070CD9C4FA4ECD30D25930CEC3BF658
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: FE7F4D93A1FB387B887F466FBB9AAB73
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 3F28410613C9C6428418E09C55600086
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3BE2CC207EF23EAECDE77D253CC639FD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1712290130
Frame ID: 7744FBBE77DDAEA38BF0E869DB88D057
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 70FF58057AF427A303C3D9ACF60BF84D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 3285CAF6F5AED923F089D3BF43F92489
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSQQMTQaQnQjgMaY
Frame ID: 8B19B33C4FEBEC2B2DCDA88F8DB1FA24
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: A235C6875D544EC350519A035E3B2B75
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zb197473kau
Frame ID: C2B68CD6CE675722092E24662D66FBAE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
Frame ID: CA42A262E9EFAAFF3927D457283D798C
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: AD53E3BB609EB2759DA00C7339A6C9B1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kiqhm630j3ol
Frame ID: 823FB56131EF7D02DEF001F91FCF44A9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
Frame ID: 260409C8E0C0A10E36524DB091294A83
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 9DA7719B77F32D97C0B54BC213466DF9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wklurrrn59c
Frame ID: 3DB43F8C437B3C8968439DE624FF55FD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
Frame ID: 9C06C5C884B51029A2D30092EAA8C44E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Security Affairs - Read, think, share … Security is everyone's responsibilitySecurity Affairs

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

410
Requests

84 %
HTTPS

22 %
IPv6

90
Domains

146
Subdomains

100
IPs

13
Countries

3116 kB
Transfer

7096 kB
Size

130
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=0Q8FyXxNd0NIaW9TbWN1Z3EyYzdrSVpKcmgxTmRhWC81QkFROGhuVi9TcTlFV2lIWmxSUzc5ZnUxbFJJOGxZU0FObVN0V2pLSGNQK2lwMmNHUGJYR1ZaTm1LSTk4YUU0VkRXNHJzMzRDSUFkbm9HT01taW9QMVNjOFV4dC9VdVNkWDFkTUpBMTFsd2dOLzQvSXVlUHRrcWt5cEt6cWYxb2FIYVVzcjBscU5ZOGJneUlWOURPSEs0QTRCMGdnajlJVzMvNW9GTENaSHlRZ29pTVNITTdlTmN1R3RMZlFHS2t0aFZKNy8rNGRIdXhjcHlDRDdGc1NqS1lWSUNySmYrTUZweTJkfA&cppv=2
Request Chain 92
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Request Chain 93
  • https://secure.adnxs.com/seg?add=27578935%2C27578935&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Request Chain 146
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=cd1da563-5f45-4d79-a662-88b9eb72e77d
Request Chain 147
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 158
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Request Chain 173
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Debbe1f966e28985b%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mMGE2ZTQwNi05YmNhLTMwM2MtOWM5Ny03ODBlMjA1YzIzYWMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZWJiZTFmOTY2ZTI4OTg1YiZ1aWQ9dWEtZjBhNmU0MDYtOWJjYS0zMDNjLTljOTctNzgwZTIwNWMyM2FjMgISDDgB
Request Chain 175
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 176
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Request Chain 186
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=1547b942-12bc-47cf-a47b-20940e7892c9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Request Chain 192
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=514039a0-0c78-461d-9329-508d04ef129f&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 193
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=61637e58-9d4a-4515-660f-55dd698f0260&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=61637e58-9d4a-4515-660f-55dd698f0260&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=47553317289599480911205018753044821649&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Request Chain 195
  • https://bn01.er.bemail.it/zeotap.php?_bid=61637e58-9d4a-4515-660f-55dd698f0260&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022122702-88081-0.303706001672103378-fb4427e4b5197590e3c09dcda681b768&zdid=533&env=mWeb
Request Chain 196
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7181629324047874194&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Request Chain 197
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=61637e58-9d4a-4515-660f-55dd698f0260 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=61637e58-9d4a-4515-660f-55dd698f0260
Request Chain 198
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=61637e58-9d4a-4515-660f-55dd698f0260&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=61637e58-9d4a-4515-660f-55dd698f0260&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361&bounce=1&random=3085997614 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=UaaeDbNkaenzniW7x.Z40e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Request Chain 201
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-dbM1e_tE2oqZh00NbtzHa6qwlIhFZa8Txw--~A&zpartnerid=570&env=mWeb
Request Chain 202
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1jt9wbSA4YTmeR7FWRGmM9a%2BS41iYitP1U%3D
Request Chain 206
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361&_test=Y6pF0gAGgYicXwAe HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y6pF0gAGgYicXwAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&_test=Y6pF0gAGgYicXwAe
Request Chain 207
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d76563aa-45d3-4300-a2c2-38241bf5d3fb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Request Chain 208
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Request Chain 209
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=61637e58-9d4a-4515-660f-55dd698f0260&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=61637e58-9d4a-4515-660f-55dd698f0260&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&dcc=t
Request Chain 211
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Request Chain 212
  • https://pixel.rubiconproject.com/token?pid=41544&puid=61637e58-9d4a-4515-660f-55dd698f0260&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LC5J6FCK-1N-1XVN&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 213
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=61637e58-9d4a-4515-660f-55dd698f0260&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=cd1da563-5f45-4d79-a662-88b9eb72e77d&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECDFNO0oieoouVRh99A6vf0&google_cver=1
Request Chain 218
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6pF0hYELjUEWCLEfBNwuwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFQzi_VxkWm9vfsX5to8EXU&google_cver=1
Request Chain 219
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB&dcc=t
Request Chain 220
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3185414693727396622
Request Chain 221
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 222
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687828178&external_user_id=663f8539-6f73-4305-932e-cd7305dd9318
Request Chain 223
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6pF0hYELjUEWCLEfBNwuwAA%265167?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6pF0hYELjUEWCLEfBNwuwAA%265167
Request Chain 231
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 253
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2YyMmNkMTJmNzQyMzY2YTNhZGFlOTFiN2U3ZTljNWQ4ZTU2ODg3Nw
Request Chain 254
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EU5imzPjRei3XYDCCYYYlg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=EU5imzPjRei3XYDCCYYYlg
Request Chain 255
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC5J6FCK-1N-1XVN
Request Chain 256
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qAdjQakOQ9-wzeETtHYlfA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=qAdjQakOQ9-wzeETtHYlfA
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGihPrFxf3Ag2rOJAAatGeE&google_cver=1
Request Chain 259
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vuvrwZaOiwAdZ6JWbXBLI8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ks4Dh7xE2oLBqlz3eojgcv6LZiO8YM5A7rJFVQ--~A
Request Chain 260
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM1SjZGQ0stMU4tMVhWTg==
Request Chain 261
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 316
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=b0sOn__IQutdhZBh07CnH4rHJoU&user_group=1&ssp=themediagrid
Request Chain 333
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb&gdpr=0&gdpr_consent=
Request Chain 334
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8566938860017115433
Request Chain 337
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3753192772487348625&gdpr=0&gdpr_consent=
Request Chain 338
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId
Request Chain 339
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181629324047874194&gdpr=0&gdpr_consent=
Request Chain 340
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7by6K9XLTiJzJjvWci2aQYrHJoU
Request Chain 341
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFMNG5FN0hWSXdBQUI4WmlqQ3o4QQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAL4nE7HVIwAAB8ZijCz8A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAL4nE7HVIwAAB8ZijCz8A&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL4nE7HVIwAAB8ZijCz8A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2874718450242626855&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAL4nE7HVIwAAB8ZijCz8A&gdpr=0&gdpr_consent=
Request Chain 342
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6pF0gAGgYicXwAe&gdpr=0&gdpr_consent=
Request Chain 343
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 344
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 346
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1672103379212 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1712290130
Request Chain 349
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhSQQMTQaQnQjgMaY HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhSQQMTQaQnQjgMaY&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=ef4efd864387b00aac9b8e465cd3983d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhSQQMTQaQnQjgMaY HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSQQMTQaQnQjgMaY
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qbyxCJRJRU2zNdQHA2mxng%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 353
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A9BCB108-9449-454D-B335-D4070369B19E
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTlCQ0IxMDgtOTQ0OS00NTRELUIzMzUtRDQwNzAzNjlCMTlF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBSBUZRt66JV1Khkdpes0Nw&google_cver=1
Request Chain 358
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4944545381506514044
Request Chain 360
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A9BCB108-9449-454D-B335-D4070369B19E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f7dj.yVE2uXBRKd_HMvewF8FCJD99lg-~A&gdpr=0&gdpr_consent=
Request Chain 361
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=3cc3d1c5-db0a-4568-b938-bd825b91342b&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cd1da563-5f45-4d79-a662-88b9eb72e77d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 363
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b4c76bb5-6e2e-419e-bdbf-a2d575f04cbf-63aa45d3-5858&gdpr=0&gdpr_consent=
Request Chain 364
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:38a17983-4d19-43ad-a1ed-a3797ce5b4fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 365
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3185414693727396622&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 366
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3753192772487348625
Request Chain 377
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4944545381506514044 HTTP 302
  • https://a.audrte.com/p
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0li99wEkjaZR02dye56YYX4pA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0li99wEkjaZR02dye56YYX4pA&gdpr=0&gdpr_consent=&google_gid=CAESEKYzpqAdsurGRHNmNVwRWxk&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 392
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zb197473kau
Request Chain 393
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
Request Chain 394
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A9BCB108-9449-454D-B335-D4070369B19E HTTP 302
  • https://a.audrte.com/p
Request Chain 395
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 396
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
Request Chain 397
  • https://pixel.onaudience.com/?partner=214&mapped=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 398
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A9BCB108-9449-454D-B335-D4070369B19E HTTP 302
  • https://a.audrte.com/p
Request Chain 399
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 400
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
Request Chain 401
  • https://pixel.onaudience.com/?partner=214&mapped=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 403
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kiqhm630j3ol
Request Chain 404
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
Request Chain 405
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A9BCB108-9449-454D-B335-D4070369B19E HTTP 302
  • https://a.audrte.com/p
Request Chain 406
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 407
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
Request Chain 408
  • https://pixel.onaudience.com/?partner=214&mapped=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 410
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wklurrrn59c
Request Chain 411
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=

410 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
securityaffairs.com/
85 KB
16 KB
Document
General
Full URL
https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ba03ebcae42ba19a333924a27b0667451f2a67911018b6c1db6bf4caa69b19

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77fe2bf3bd6cbbb5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 01:09:36 GMT
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3R88RDA5Hlv2C2z9ihKANdmQ6PqXI%2FqxmvLKZyUfDDTcIUyjGh4XMlvzEYP9vs5JgNgWzfi%2BdQP6XrhKXZMKOZNJCM%2F4gQ%2FjkB1XMxBffRsGPnnOfBBqBzawYDNwiNbN5IgxSU%2Bn1JYO4CWLb%2BwjBKi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
securityaffairs.com/wp-includes/css/dist/block-library/
108 KB
15 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=7f328e8ac89ab883d5ef4a32c2877c9d
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d6e71e48de130e4b0a7e54ddaee478df73dce7ace894f8e5525ce85d2fcdfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 21:49:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"63740954-1aecd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOxa8Q54zRlm2%2BuC5Iu67J4nDsGTuzXnFwa1IFHcH%2FS%2BhOGtSOYZhb1Y64RS0AOoco3n0OLPwi5g0LFJc74FV3GkPZlIwBTc5bQdOHI6hjpK3lPZMOqblNvt9hksYn69N9xBmlXLVgGWZHzXQ65h2Bjz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43df3bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"5fd15e34-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wwPeNW9KmfW5XEat80F0B%2Fj80AeB%2Fm8MNh55S%2FQ6ryZhYdd1ATXdErTt0QUmfjmVPeKn7KAe5ScBhr2nO5vcMTP6ETHgjYrrA0MHxwMleZhrW%2Bv5Q%2FUr9q3%2BEp8lBq3egaAc1GmEydioIvhLmL%2F%2Byd%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43df6bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/
5 KB
2 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=7f328e8ac89ab883d5ef4a32c2877c9d
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"5dcc9728-1360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQkHKQmDVN0ILp%2BoDfjlfoW4al7rzVz4MM%2FX8IVrJ7O89Lsw5iImHiC%2BRC7lEqU59BnE8CdvZnHSIgZfeoLyk7dpq5GioYfV3f2PSZKo6yLD63ZM%2FzJsqoJdmu2q%2B3447rUUmFp7%2BsWsVSymf9oRn0b9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43df9bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
classic-themes.css
securityaffairs.com/wp-includes/css/
638 B
739 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-includes/css/classic-themes.css?ver=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e0faa0bc554b9a86d51ec14488bef748c400cfc8f61e57b3d2e4688f11f983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Nov 2022 22:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"63644088-27e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV%2FKZywJlsMH1NvAy2CtqtXJ1aRrdaLMmOupyfQrDuhgZcONOZhrj9H2QoqppeYuEiPFA3iTba7fbmQ%2F6sDT7cqb40ZyeVFNPT9PvJg%2BSk258XdoCz2sb4Yii3l%2FsbHyGCJvhGIYtc9kdpv7ApsVNIL2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43dfbbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 22:44:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"63990030-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXcEc0h7IUYB10FToxd0fE0cN%2FcWkM%2BlqKVP2fsD3xxj8VhEpG%2Bm70Lnl8XgrLHcFeqBtWcZi1r29%2F2qZDeXg3OfkJ39JKEyre17jZ1Ij%2BGeKNKlI1o76R%2B220o74dckmu1HLOy4w%2B0kM8LXoyjP26Dp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43dfdbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 22:44:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"63990030-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA8Yvs4qCmBRDvO679evJDf3CRwsSOJNB6VMGKqhTTA2861I%2FsWkto%2B%2FR3ncx4OLYw9FxyH0J2Fxo4ngGetrzNJ1QMLx9mFriF%2FeegNOTHQPfgtDTQKw7i1qr%2Fx3RJOO28Zpg4yHMuuxvOtyvpinnxWt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43dfebbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
custom.css
securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/
19 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56716d33-4d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDuwN9HK6AxVauaga5tgkUQg0pLoHYmLQJRQR%2Bs%2B5YD%2F6zSSfMUWEbb6G4BY3onQxoTb%2FJNtpXPH8OADm9o75ZruAIduBiHLRzO3nulg7eGafYuokmgYmUpBETdKNHanGQeHbBcNHxpIndiVdxLlfVGb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43dffbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
tipsy.css
securityaffairs.com/wp-content/themes/rigel_old/css/
539 B
541 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56710b7c-21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjfOMaPm73%2F2vTyEMUAILjNYxbIYNWqENkh8BucgDoKTJk0%2FoY5zOK48IhNh7UH4PAOFFFSAXarkh7YeomqnwPucskl6eF8PKlsqIlap%2BlMmWj6Z1sz0P0zqU0dpTgHd1lp0iE6tJ21WJ92JKnBSGKoT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43e00bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
flexslider.css
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/
6 KB
2 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56716d3d-1851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BActKBqslzBFLLgb6Q1hwOIMJQxQz8ej1xR980YTxzFMCWwhjtLPmz2xFw7QTR7Xp%2FReTu3oKhkkxITCHe848V8YiZ3%2F3AitMbYQgDsky0QK9jvq9tYmhl1Ft2I%2F5noAlV%2FoVA%2FynGRMhur4%2BUZFsKcJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43e02bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
animation.css
securityaffairs.com/wp-content/themes/rigel_old/css/
2 KB
702 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56710b7a-6b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tcGUjvTbl873Ly%2BxUDanYdK0Rn1nCE3Xch%2FomxjMsAhgdbjSeTmYsBH3ZpHvguhYUA%2F3yugRH%2BjQTbkapaMhRS%2FmyzV%2BsecqBaEtr9l7dQNW7GPCDXVODVDHVdcYTT3xeUqoLwTGwLqxq5LDVaTtW3Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43e04bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
font-awesome.min.css
securityaffairs.com/wp-content/themes/rigel_old/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56710b7a-4574"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBaJtkPm0DvcIh1eDh38IjkFcXPyMgzM%2B%2B%2FT4sG00V8ZIw6IP5TXjTeIPyo2PRNk0YSphAPdOf7V5Igv%2FtVgGnO03LP%2F2vM%2FuPrF6kgqoBMdQgtebGe71xbLL7naFgbjTJ52qPXCtr7CzqqHUqE4PlL0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43e0cbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
swipebox.css
securityaffairs.com/wp-content/themes/rigel_old/js/
4 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56710b8a-118d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiQ7Ct2CxzgowYq6ClsdfO4Q0%2BScNmLWoee7oRTMpOkX%2BKhziY5BacAXqM7SDUQx%2F%2F4kOSCEn51D8QvOilyHDvRAUNLNL2W7DXLQTjKv4pS8k6ikFJRK2inp58fXCu1ILgRP8Vh8oKhYn8NsqrwGVTKl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43e0ebbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
jquery.circliful.css
securityaffairs.com/wp-content/themes/rigel_old/css/
334 B
468 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56710b7a-14e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj2%2BNL0IEMie5DO5zbkouxFhRJ6RbWWNLtYLnEVcNpQ%2BC1D%2FDcz%2FWTrHIbQqY%2FlCdAGhAkm5mNqAWHxBk8rHfSPbLDvk5f4SN3LUYDROdkUGHzXi6DQ3SwZKpfuJFKR9VeeijLaM1Jbwe55h1zxIkBdM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43e0fbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
screen.css
securityaffairs.com/wp-content/themes/rigel_old/css/
110 KB
19 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56710b7c-1b844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63CaSSBWlV2rj1iKSJD0crwCUQiQ77hgvDU3SsQhVC24ZNUBVZNseem7eVuEeIQN5Fmdx7UxSfGDzpX5FIaxZ%2BDdFbWptDd8E1N%2FBMryol3QPSJlcNjDCeCWJEXaRitptVZE8PJwcRqTBD%2BZjOk%2BXqcy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43e10bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
custom-css.php
securityaffairs.com/wp-content/themes/rigel_old/templates/
12 KB
2 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORw5ggymmETjcOfJlvkUfulI9%2FzCVr3CoUUWflFsaAECSx72GQl7t4155d%2BGH6TQwD673vYAsL5dYfSapKSGvRX%2BSTMG6A6DP%2BiSUMAspqZzSWgFNuSXLjoYkiFlBqw4kRW4eMrA8Q2D2Ep7BnHZpblW"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset: UTF-8;charset=UTF-8
cf-ray
77fe2bf43e11bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
9 KB
851 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=7f328e8ac89ab883d5ef4a32c2877c9d
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1b1c54ba41cb13001de23642265da817473b2f3c8c0789eed1bb8d560c42110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 01:09:36 GMT
css
fonts.googleapis.com/
3 KB
961 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=7f328e8ac89ab883d5ef4a32c2877c9d
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 00:36:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 01:09:36 GMT
css
fonts.googleapis.com/
4 KB
629 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=7f328e8ac89ab883d5ef4a32c2877c9d
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
febc1e8fbae9b78e392e33110088051ce7f8168aa0ca6c43aadec0458774045a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 01:09:36 GMT
css
fonts.googleapis.com/
3 KB
650 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=7f328e8ac89ab883d5ef4a32c2877c9d
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67596f497ba9670488a07493b079a6c8d32fb1714209db992e1e32a99c4dffe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 01:09:36 GMT
grid.css
securityaffairs.com/wp-content/themes/rigel_old/css/
49 KB
8 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/grid.css?ver=7f328e8ac89ab883d5ef4a32c2877c9d
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"56710b7b-c5f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiQWoxQR8xIW3Lu%2FjLK7f3WBoYsLKikq1VhNIJvt%2BwKi2N6Y0QHEe5KJo4w0WHmzYsGv25iynIYk%2BUseTbwkOZVs2pDb%2FoAUNYIpd9PBJCJO9RyD9eSl%2FczHayTFH0vPKS3S02Y%2B4vjlKFYsWl7kLV5X"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
77fe2bf43e12bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/
283 KB
85 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.6.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e547dd68cdf81e0eee07f2cd672da320942336f3db781d19c134220125ab6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Nov 2022 22:28:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"63644089-46c28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XL%2B%2F23BcHhJawkpe4Q6chFSTIdRFZsCHl8zaYF4wy8SmK2ll8BxCgMZwjykEH6CD6vSezl3n17DspL0ffecwktEORpJVEFkacPamC7wwet2sjUuiTFCd%2FdH1t2H45SGR2GsAYwCZdulOLOWVoJkZ33MG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf43e13bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/
25 KB
9 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"5fd15e34-62d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pLrDIdzM31i30rWqZ%2F2Tft9zw6GnfkNjWSlaAcqtbQQm75sBDcwinZFO3Lestc0XiVrlUKZEWXRcer5ncJ%2BW5u5nFi8br%2FC3%2Bgb%2BJqa990sA2GgfhKwjcnoy9mouiy0z9KUYRH%2F7okHb2r%2BzmzWwhGa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf43e15bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/
33 KB
8 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 22:44:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
421
etag
W/"63990030-8583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT7EfWuQbS%2F39k%2FMLk7kiweiUBEPQWAN3P7uGkthY3UgWn15rfnUd37NY0AdhEla51VgrdJC9ZvGcTjr6%2FCsDRAsttQWQYVs8Dw9kqcTYUAaUPkIpFEFAevvE7ATD0jvfdolUoOb3AshT47hzJPMa9l2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf43e16bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:35 GMT
medianetAdInjector.js
securityaffairs.com/wp-content/plugins/media-net-ads-manager/js/
562 B
619 B
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 08 May 2021 23:27:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60971e6d-232"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIsFXnJIWcLAYoVRWmJAKnpxD6uTwHCa0ytKrtgshsmzAvbtpSyFw7ECjsdZPVsmnAXSEe0cFSEzYI7bFhdUYq54yRg%2FBqM3RA8Zi0HRr9yRoFF2O8kLbN5AsaTXVMBAuKJg9MUYxJqidxjG9YD%2BWaEi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf43e17bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:09:36 GMT
st_insights.js
ws.sharethis.com/button/
27 KB
8 KB
Script
General
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare&ver=8.4.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a0dc45b07153920d06e669676d8d6a7592971683f1381aefc5c95b83dd62a2bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 23:21:29 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
6487
x-cache
Hit from cloudfront
content-length
7903
server
nginx/1.20.1
etag
W/"634f185a-6a64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
hNF-ZrwcvzfDf6PZHs3NTOoVC57KV2GwVZMZ-m9mtXeSTGpKy8bhyA==
expires
Thu, 29 Dec 2022 23:21:29 GMT
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95c7e66decb9b222c1ea676460eac3379ad9a8b4ae387f6b54a13847b9053648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43581
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Dec 2022 01:09:36 GMT
dmedianet.js
contextual.media.net/
368 B
549 B
Script
General
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1ee43b9f0b9d04dbb343045c231271c35c917319b8d0ac01ec9c0b5cfc8f24e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-mnt-h
8-18
strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 01:09:36 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
content-length
368
expires
Tue, 27 Dec 2022 01:14:36 GMT
headerbid.js
served-by.pixfuture.com/www/delivery/
3 KB
3 KB
Script
General
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a07bdbd5ddda69f690b1ef51d085cd235c9c616465b689ca40dd6a828f19593f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
last-modified
Fri, 23 Dec 2022 19:26:44 GMT
accept-ranges
bytes
content-length
3006
content-type
text/javascript; charset=utf-8
GuLoader.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/
124 KB
125 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/GuLoader.png?resize=726%2C400&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3de2289989a1368b7a0e843344e5d9d401b309357d1e0de899c3b1d14cff70e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:02:37 GMT
server
nginx
etag
"c8d803b8d9391dad"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/12/GuLoader.png>; rel="canonical"
content-length
127486
expires
Thu, 26 Dec 2024 13:02:37 GMT
Linux-ransomware-encoder1.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/11/
11 KB
11 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/11/Linux-ransomware-encoder1.jpg?resize=620%2C400&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
bf6ad2e8398361361d00b601150f42a2f2acd1741f2c04b97e6e16eefa2e5269
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:02:37 GMT
server
nginx
etag
"c26f611a13cc8858"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2015/11/Linux-ransomware-encoder1.jpg>; rel="canonical"
content-length
11356
expires
Thu, 26 Dec 2024 13:02:37 GMT
DOM-based-XSS-wordpress-2.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/05/
22 KB
22 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/05/DOM-based-XSS-wordpress-2.jpg?resize=610%2C390&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
a3b45d6f2e875dcaca49a8b9260b634d88c1ad95cd3972a658fe5dde88bad1f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:02:37 GMT
server
nginx
etag
"664208738f7deede"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2015/05/DOM-based-XSS-wordpress-2.jpg>; rel="canonical"
content-length
22504
expires
Thu, 26 Dec 2024 13:02:37 GMT
image-36.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/
81 KB
81 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/image-36.png?resize=726%2C400&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e55bd91330efcd47b081757b7aae0bdb5a1ad9b58872393bf9d5e6a9f6095aed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:02:37 GMT
server
nginx
etag
"531ddf02d3d92bf0"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/12/image-36.png>; rel="canonical"
content-length
82528
expires
Thu, 26 Dec 2024 13:02:37 GMT
newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/
39 KB
40 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=645%2C400&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
fabaa8fceb25012bbe44a2e220fc8ba0e7fc8d9941b7b081d60ad87687a6b044
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:02:37 GMT
server
nginx
etag
"1db2f2581c263224"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
40314
expires
Thu, 26 Dec 2024 13:02:37 GMT
microsoft.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/01/
16 KB
16 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/01/microsoft.png?resize=726%2C400&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
a6717d94e8427ccb07d9148c94c28e02b13a3f8f21832e6d0f6f815c524699e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:02:37 GMT
server
nginx
etag
"3cb8144f846f7186"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2020/01/microsoft.png>; rel="canonical"
content-length
16338
expires
Thu, 26 Dec 2024 13:02:37 GMT
ZyXEL-LTE3301.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/
29 KB
30 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/ZyXEL-LTE3301.png?resize=320%2C245&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e50ba91d544b20f3dbcafd151c46d78e95364921302eca19571946e56911c179
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 00:54:04 GMT
server
nginx
etag
"f7c000b5255b3d71"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/12/ZyXEL-LTE3301.png>; rel="canonical"
content-length
30020
expires
Thu, 26 Dec 2024 12:54:04 GMT
image-35.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/
32 KB
32 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/image-35.png?resize=726%2C400&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
757917c99570dc3d772cd2dc9b04fa48e1ac15deab8566766e0ff027ece7828d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 00:54:05 GMT
server
nginx
etag
"1776ad9837e96bb5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/12/image-35.png>; rel="canonical"
content-length
32682
expires
Thu, 26 Dec 2024 12:54:05 GMT
tiktok-app.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/01/
11 KB
11 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/01/tiktok-app.jpg?resize=620%2C339&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
2bab16870fb5356a2b613e5fafe02dba0a9faf022384e16fc44715a8aa130308
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"338f9b6475fbff13"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2020/01/tiktok-app.jpg>; rel="canonical"
content-length
11094
expires
Thu, 26 Dec 2024 13:09:36 GMT
BetMGM-breach.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/
24 KB
24 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/12/BetMGM-breach.jpg?resize=726%2C400&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c75f2031ab31cd6ec96f724733201ed1e5e1f13b6fcfab397c81d2dfbb3454b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
MISS hhn 4
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"ef4416e9c930d0c2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/12/BetMGM-breach.jpg>; rel="canonical"
content-length
24228
expires
Thu, 26 Dec 2024 13:09:36 GMT
twemoji.js
securityaffairs.com/wp-includes/js/
0
0

wp-emoji.js
securityaffairs.com/wp-includes/js/
0
0

photon.js
securityaffairs.com/wp-content/plugins/jetpack/modules/photon/
2 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Dec 2022 00:24:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"638fdd33-6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrxocsZ%2BtlMh9CfNhPeQ04%2BoTLvnTMV2MVJ%2FeD1SK%2FHgtMZmq5oT5p9QWBaLSKgmUQUGog2JjWpxsHicp2QzCHCysikT7BPVUVRMbphTKOvJsEeI2TvkOBrZbnfaHIxl4xM%2FJvcVhD0xd8ZtDn%2FJZ5qZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf4bdf19b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
jquery.adrotate.clicktracker.js
securityaffairs.com/wp-content/plugins/adrotate/library/
365 B
749 B
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 22:34:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"6376b70f-16d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9aRpVokfB6zYNczphsNiC8iFheqO9c%2F0cIPA3J2fb3S89ts5X%2BawdttY9UdXqFuR7HS4fagVq50lIwR0Xg6nNQP4u7fFlSck7aP%2BR8uM%2B3LnsnDNqrkFIBMQLIFoJ0q2zX2%2Bg9xdLCx4cFO0aLOE2bE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf4de159b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/
3 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1671143364
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 22:29:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"639b9fc4-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i8YhMCH5yCW%2F8O2lU7yKon4aDSfkSnkBCHa4112q1MLLRFuYvvIsdCLGfnzbGBFu5EkQs50cfOZrdeUcD0VuFgE4ET29CEN1pgcuOB2sVsDmCDvBnG71KyeEqdeeLMoMgvsKS0khOa5qow6qZDuCx6s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf4ee249b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
hint.js
securityaffairs.com/wp-content/themes/rigel_old/js/
987 B
976 B
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b89-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1h67SLHPLohNFhzPxTZg1Jm4%2BmP2KGGO637KpC17V7bYgVt3J4QQsEm4a9DpykmVYk%2BMOHJSr6Wmtrpo7FP3y88XHunXzZOBILNC86QUneoFlAs7l2wVxEr%2BxoPeCGurjt5uT6PubdFF95Aiob6QdaZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf50e4f9b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
jquery.tipsy.js
securityaffairs.com/wp-content/themes/rigel_old/js/
4 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b89-1113"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKWD3Ux6xjoi%2F2E3Xsq8h0lGH6OdnIpFeoCQA8mnFMcosHqvK2xkHaKvct2590WRIFZLkCKku54rt8AF2fTPpPhV5mamx9M6SBSY8BjIewDycSgS0ut%2FSAHsSCHrvFAXvOviwl15D102YDGSTTFtw409"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf52e649b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
jquery.easing.js
securityaffairs.com/wp-content/themes/rigel_old/js/
8 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b89-1fa1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5O%2F4uba1fTyZttAFLCA5DAk1AyDGdS9zy%2FgcEkgkg4ap7hUF6EERHqKTwJUwL7jby2G1j%2B9I7Xz9BcSdfpZ%2FAcQatv78VchJsq3CKtoaqmMBLeTwYh1k89N7kKn8LEIfqkQCyIcXpjoMkkAtmczCp7E"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf65fb69b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
browser.js
securityaffairs.com/wp-content/themes/rigel_old/js/
3 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b88-a36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Btx2zwlmCo11AU%2FSqtQf9fOu8vCXP6bYMawclPorBm7D7WdFptS5pL3s4fIGxhgmUw%2BHiNYdWL143J%2FYi83hp%2FQC3xrWcQUFpahvjlqtHXKIFPuMUGaZ2ZpWJX8AlvZtod9%2B0NNVlkIgnBdr5dpIsHA6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf67fce9b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
jquery.flexslider-min.js
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/
21 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56716d3e-53ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGn%2BAv3G3XD%2F1QsCGHW0jx3wDcUpCUHgADki6vRekZECSg1CNAW4FjReCAek7Xou6Au9yQ55NxrLO2Wp%2FHf4P0QHigCkdu7HtpFJByPVM%2BzD7k2WB3vCOr%2F65TYaCTvsoq5O0yJO6mtAwr6gphst1Fgk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf69feb9b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
waypoints.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/
8 KB
3 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b8a-1f6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYn7a5NAY9b42jxFugpsT3v2T5VOsxrOAeUiexkGKRmRF5cS12oVWq8OuZMpe6%2BZupfqDGlHV9aGrVGi2ZI1bG5%2Fo%2FzZYmOi1mQk59T7UW3sLmq1xhj83%2FrMg8sFV3tqSV6mOJKqEPj2BNTT6OK%2FcHCu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf6b8039b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
mediaelement-and-player.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/
69 KB
20 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56716d42-11571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYriRlazFTmsqvAFk4qFV9YhgvINa%2BEtBV7e2JKaKBw9SaUZ%2FZL7OnWG3Fp%2BoJGk9nSiUD2MA5o33TVW7SBu8pU55F1y44wy9JmbCXNSECTGAq0mlLb%2FSw7gPEya8V38W47qsptU92dD2%2FVt8SROf9W2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf6c8199b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
jquery.swipebox.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/
11 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b89-2a67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUZcCW3vijoQFAFgjLyPhqVomDTeUebgLCcs%2B5L77NrOeCwo7xX2B1poB6vezE1Uwi1Sob8TmVzIEXSX6zH0%2BswyHq%2FYrx9uJMH7wg4MDngwqK2HD8Hq9T9eBWUyarkRmlqBxRiKDT0pIFNf5x5i86Xz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf6e82b9b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
jquery.circliful.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/
3 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b89-c18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTU6esxEpJYuX858kgGBET%2FdaBxfkv6fdapGSfoUxNq8f7VMy0snNbiT3fq%2BRNn%2Bp5ZQPw5NhpO8SXbM9wtMELNEb25Z7%2FNYiJ7yrX9g65SzugQlx9AmaZw8U%2BLrHaAKhBDp8GCM74p2OKIxbabPQ0fU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf6e83a9b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
jquery.smarticker.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/
13 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b89-3225"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8BP2wkYPYuzTGsDVnml6IIzE2e%2FLWG3XhDIihjekX1h%2BwpN5Q3TLYrSX1bPd9GaLBIdhHb3uM7UUHySihQVy8%2F4IX57fAwGiGe4V2cQyJMNok%2F1%2FsE1F6WKnJzyYAG722nwQu%2BSGgdTzblYtW%2B%2Bivcd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf6e83c9b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
custom.js
securityaffairs.com/wp-content/themes/rigel_old/js/
12 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
420
etag
W/"56710b88-31d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmTCvmLfFJDmYotsuMulvBLaZHu%2BJviyod%2BgidrVg55El%2B9QmPdtCqZkQDz3Sn4ZcGqubnGJ1wYOB0Xc%2FGdV2r1zF%2FXbWVhjV91%2BImb6nJ4LPt9LOtP4yO36sDCSTgp2Iz5RXvLelj9oNFBy0y4wZW2L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
77fe2bf6e83d9b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 03 Jan 2023 01:02:36 GMT
e-202252.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202252.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Wed, 27 Dec 2023 00:25:22 GMT
pview
l.sharethis.com/
0
406 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1672103376459.58740&hostname=securityaffairs.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fsecurityaffairs.com%2F&title=Security%20Affairs%20-%20Read%2C%20think%2C%20share%20%E2%80%A6%20Security%20is%20everyone%27s%20responsibilitySecurity%20Affairs&sop=false&description=Security%20Affairs%20-%20Every%20security%20issue%20is%20our%20affair.%20Read%2C%20think%2C%20share%20%E2%80%A6%20Security%20is%20everyone%27s%20responsibility
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare&ver=8.4.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.61.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-61-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
gtm.js
www.googletagmanager.com/
100 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4931fd81605d5a439338d7579d8a48ea5ea91f31bb2bde2ebcda6f1a917234e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39881
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Dec 2022 01:09:36 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=7f328e8ac89ab883d5ef4a32c2877c9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:21:12 GMT
x-content-type-options
nosniff
age
553704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:21:12 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/
17 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=7f328e8ac89ab883d5ef4a32c2877c9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 17:41:29 GMT
x-content-type-options
nosniff
age
26887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17908
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 17:41:29 GMT
fontawesome-webfont.woff
securityaffairs.com/wp-content/themes/rigel_old/fonts/
43 KB
44 KB
Font
General
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer
https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
411
etag
W/"56710b81-ad90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FsUEuVWRy4Sryefkv1rLE3JXlKfM49AZLd04sTsLRbdhkP86NTKGlqDLKINTUta08zGOjLf%2FA3otyTXe9aC%2FV18Ta3pdckw6YUFqrYtyV28i5yXz%2Fv2hz59RIenRzXALJWwxl9wewcMW0mgoggF08wK"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=315360000
cf-ray
77fe2bf708599b5e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=7f328e8ac89ab883d5ef4a32c2877c9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 21:13:16 GMT
x-content-type-options
nosniff
age
14180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 21:13:16 GMT
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/
30 KB
30 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
MISS hhn 4
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"90081d39f1874091"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
30524
expires
Thu, 26 Dec 2024 13:09:36 GMT
logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/
7 KB
7 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
MISS hhn 4
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"f66b518bba6e1555"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7234
expires
Thu, 26 Dec 2024 13:09:36 GMT
newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/
19 KB
19 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"d8c02e2ccf1e41bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
18968
expires
Thu, 26 Dec 2024 13:09:36 GMT
EU-Blog-e.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/
13 KB
13 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 00:56:49 GMT
server
nginx
etag
"a583ea31753e6f10"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length
13098
expires
Thu, 26 Dec 2024 12:56:49 GMT
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=0&tz=0&srv=securityaffairs.com&j=1%3A11.6&host=securityaffairs.com&ref=&fcp=0&rand=0.6855474062701061
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Dec 2022 01:09:36 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
flping.php
lg3.media.net/
15 B
15 B
Image
General
Full URL
https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO4A4J48&gdpr=1&cid=8CU5BD6EW&crid=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Tue, 27 Dec 2022 01:09:36 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=83071
Connection
keep-alive
Content-Length
15
pview
l.sharethis.com/
0
380 B
Image
General
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1672103376459.58740&hostname=securityaffairs.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fsecurityaffairs.com%2F&title=Security%20Affairs%20-%20Read%2C%20think%2C%20share%20%E2%80%A6%20Security%20is%20everyone%27s%20responsibilitySecurity%20Affairs&sop=false&description=Security%20Affairs%20-%20Every%20security%20issue%20is%20our%20affair.%20Read%2C%20think%2C%20share%20%E2%80%A6%20Security%20is%20everyone%27s%20responsibility&description=Security%20Affairs%20-%20Every%20security%20issue%20is%20our%20affair.%20Read%2C%20think%2C%20share%20%E2%80%A6%20Security%20is%20everyone%27s%20responsibility&img_pview=true
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.61.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-61-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 26 Dec 2022 23:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6299
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 01:24:37 GMT
js
www.googletagmanager.com/gtag/
178 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3cff268b0f86f85448569261461a662e62ef134db6012df7010dfabcf5ad3d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67068
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 01:09:36 GMT
js
www.googletagmanager.com/gtag/
213 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a5c7ca5e9395cc7e4498131dc18c0800edb18882b790c3c074e4a50e24149f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76340
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 01:09:36 GMT
collect
region1.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZWTX5HC4Z&gtm=2oebu0&_p=974249396&gdid=dZTNiMT&cid=2044728748.1672103377&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672103376&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F&dt=Security%20Affairs%20-%20Read%2C%20think%2C%20share%20%E2%80%A6%20Security%20is%20everyone%27s%20responsibilitySecurity%20Affairs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=2oebu0&_p=974249396&cid=2044728748.1672103377&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672103376&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F&dt=Security%20Affairs%20-%20Read%2C%20think%2C%20share%20%E2%80%A6%20Security%20is%20everyone%27s%20responsibilitySecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=974249396&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.com%2F&ul=en-us&de=UTF-8&dt=Security%20Affairs%20-%20Read%2C%20think%2C%20share%20%E2%80%A6%20Security%20is%20everyone%27s%20responsibilitySecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=217063490&gjid=1948598745&cid=2044728748.1672103377&tid=UA-59069958-1&_gid=448759477.1672103377&_r=1&gtm=2oubu0&did=dZTNiMT&gdid=dZTNiMT&z=794437513
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_v2.js
cdn.pixfuture.com/
38 KB
39 KB
Script
General
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e1b9eb987618d75c5395ef6e3b8fbcf5a761916136ec2ec14d46eda2af7d645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14497
cf-bgj
minify
last-modified
Thu, 22 Dec 2022 21:07:20 GMT
server
cloudflare
etag
W/"63a4c708-9732"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edEx%2BZNReKuETuKs%2FWnT8klskDvzRG54HhMc3cuQ79l320xQlpZMezv2q5qxF%2FJpUG7wtpYsELA%2BILqygyT4dnFtlQiDe1kOB0z60yHstMFeaW%2Fu%2Byb7%2BDA2tgoPKNSdIC6ztrNo0%2BJeoAiOjiH0"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
77fe2bf9bbd191e7-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 28 Dec 2022 21:07:47 GMT
pbix.js
cdn.pixfuture.com/
395 KB
396 KB
Script
General
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf927c4e61681bb6f40d5a1d2be968567eb720a667d6c259db51332884e06d91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
119821
cf-polished
origSize=405747
cf-bgj
minify
last-modified
Thu, 15 Sep 2022 14:24:21 GMT
server
cloudflare
etag
W/"63233595-630f3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuwJ%2FHASJIn%2B5kfGua8Rf5wF7hwb79y2V2Q%2FUdJxTJWzOG%2B33cPVuuwqe3sb5Eq6EjK0Youj49RqYg2%2BeQVjNFPkSC8AR4OF5orhOO1NsBwRMBeG7WDnctmMLFgvF40QEYTK4UYLc3rMiCS161bg"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
77fe2bf9dbef91e7-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 27 Dec 2022 15:52:15 GMT
pixf_sync.html
cdn.pixfuture.com/ Frame 01A1
934 B
938 B
Document
General
Full URL
https://cdn.pixfuture.com/pixf_sync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ad1b654bc547dcdd6796a5f0a2d5b51cb1536f9b8a512746656d5d14670f4b

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
77fe2bf9ebf191e7-FRA
content-encoding
br
content-type
text/html
date
Tue, 27 Dec 2022 01:09:37 GMT
last-modified
Wed, 07 Dec 2022 20:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBExvKqeqqLZ%2BZglmvLipNq1pKtWOIix1yNF421j06XJ8lu4DRYGc5Lg2r%2FTU7X%2Fzv0TxmIzF1iICYl4YJYIRyfks3%2F9WZZjLNd1omUGIfcFQoOqeJvasUTKH4gyJ83xkYcnqcokZDFQj5XCktJn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
r.js
aa.agkn.com/adscores/
0
460 B
Script
General
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.95.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-95-202.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/
13 KB
13 KB
XHR
General
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=security,affairs,read,think,share,security,is,everyones,responsibilitysecurity,affairs&refUrl=&refresh=false&innerWidth=1600&cb=1672103376943
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8c483c541088928c178ee13e2c392d7a9ef9777cd163d6cf3da23e9f3a54716c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/
13 KB
14 KB
XHR
General
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24271x300x600x4142x_ADSLOT1&keywords=security,affairs,read,think,share,security,is,everyones,responsibilitysecurity,affairs&refUrl=&refresh=false&innerWidth=1600&cb=1672103376944
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
3cf54a517d5ae314b27a528a239d35efacb05286720b9c24b39ac7bb2ef2256a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/
13 KB
13 KB
XHR
General
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=security,affairs,read,think,share,security,is,everyones,responsibilitysecurity,affairs&refUrl=&refresh=false&innerWidth=1600&cb=1672103376944
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b5b87067c47877fd65dfdf6331856ef91144729fdcb78a5b02050463e8b9b212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/
16 KB
17 KB
XHR
General
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24274x728x90x4142x_ADSLOT1&keywords=security,affairs,read,think,share,security,is,everyones,responsibilitysecurity,affairs&refUrl=&refresh=false&innerWidth=1600&cb=1672103376945
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
cd044a0a490741ba2de8f25925586a39779f7cf0b2b2bb713cff7b68e9105dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ Frame 01A1
17 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://cdn.pixfuture.com/
Origin
https://cdn.pixfuture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
77fe2bfacbc29b67-FRA
rum
cdn.pixfuture.com/cdn-cgi/ Frame 01A1
0
136 B
XHR
General
Full URL
https://cdn.pixfuture.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.pixfuture.com/pixf_sync.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cdn.pixfuture.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
77fe2bfb1ce791e7-FRA
flping.php
lg3.media.net/
15 B
15 B
Image
General
Full URL
https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO4A4J48&gdpr=1&cid=8CU5BD6EW&crid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Tue, 27 Dec 2022 01:09:37 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=83070
Connection
keep-alive
Content-Length
15
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://securityaffairs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 27 Dec 2022 01:09:36 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
244609
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=0Q8FyXxNd0NIaW9TbWN1Z3EyYzdrSVpKcmgxTmRhWC81QkFROGhuVi9TcTlFV2lIWmxSUzc5ZnUxbFJJOGxZU0FObVN0V2pLSGNQK2lwMmNHUGJYR1ZaTm1LSTk4YUU0VkRXNHJzMzRDSUFkbm9HT01taW9QMVNjOFV4dC...
357 B
648 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=0Q8FyXxNd0NIaW9TbWN1Z3EyYzdrSVpKcmgxTmRhWC81QkFROGhuVi9TcTlFV2lIWmxSUzc5ZnUxbFJJOGxZU0FObVN0V2pLSGNQK2lwMmNHUGJYR1ZaTm1LSTk4YUU0VkRXNHJzMzRDSUFkbm9HT01taW9QMVNjOFV4dC9VdVNkWDFkTUpBMTFsd2dOLzQvSXVlUHRrcWt5cEt6cWYxb2FIYVVzcjBscU5ZOGJneUlWOURPSEs0QTRCMGdnajlJVzMvNW9GTENaSHlRZ29pTVNITTdlTmN1R3RMZlFHS2t0aFZKNy8rNGRIdXhjcHlDRDdGc1NqS1lWSUNySmYrTUZweTJkfA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2f37e30ada318e0830aec69a1255d39c8b9fa795eed6d3e1f1cf60645871ef66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1240475
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=0Q8FyXxNd0NIaW9TbWN1Z3EyYzdrSVpKcmgxTmRhWC81QkFROGhuVi9TcTlFV2lIWmxSUzc5ZnUxbFJJOGxZU0FObVN0V2pLSGNQK2lwMmNHUGJYR1ZaTm1LSTk4YUU0VkRXNHJzMzRDSUFkbm9HT01taW9QMVNjOFV4dC9VdVNkWDFkTUpBMTFsd2dOLzQvSXVlUHRrcWt5cEt6cWYxb2FIYVVzcjBscU5ZOGJneUlWOURPSEs0QTRCMGdnajlJVzMvNW9GTENaSHlRZ29pTVNITTdlTmN1R3RMZlFHS2t0aFZKNy8rNGRIdXhjcHlDRDdGc1NqS1lWSUNySmYrTUZweTJkfA&cppv=2
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
310985
content-length
0
expires
0
f
fid.agkn.com/
0
0

prebid
id5-sync.com/api/config/
135 B
548 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

rid
match.adsrvr.org/track/
63 B
392 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0bc6695dc2812b6bddaff0557f64cb8ba34915ffc31415d3188d5cc71d5d9ffe

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 26 Jan 2023 01:09:37 GMT
r.js
aa.agkn.com/adscores/
0
459 B
Script
General
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.95.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-95-202.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
AN-X-Request-Uuid
bc852cf0-5b6f-4aa7-ae74-db61f38fac42
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date
Tue, 27 Dec 2022 01:09:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e0307dd2-a0c7-4f99-a9bf-e1f4af1ac325
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578935%2C27578935&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
AN-X-Request-Uuid
7fe477a7-0009-4627-a23e-9fc825abd995
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date
Tue, 27 Dec 2022 01:09:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c48e4c7e-f414-4cff-8ac9-e265e01924b8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
406 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f8e64cba4fce583bfd1da3633f33a5028791ad8ca5ed8202f278bf644092fe86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
529.json
id5-sync.com/g/v2/
216 B
629 B
XHR
General
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
0a1cf5989641a0bd9b44a47a84dca378f456cf394a9eaab9a78b9bfc6b38171b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=0Q8FyXxNd0NIaW9TbWN1Z3EyYzdrSVpKcmgxTmRhWC81QkFROGhuVi9TcTlFV2lIWmxSUzc5ZnUxbFJJOGxZU0FObVN0V2pLSGNQK2lwMmNHUGJYR1ZaTm1LSTk4YUU0VkRXNHJzMzRDSUFkbm9HT01taW9QMVNjOFV4dC9VdVNkWDFkTUpBMTFsd2dOLzQvSXVlUHRrcWt5cEt6cWYxb2FIYVVzcjBscU5ZOGJneUlWOURPSEs0QTRCMGdnajlJVzMvNW9GTENaSHlRZ29pTVNITTdlTmN1R3RMZlFHS2t0aFZKNy8rNGRIdXhjcHlDRDdGc1NqS1lWSUNySmYrTUZweTJkfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 27 Dec 2022 01:09:36 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
441703
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://securityaffairs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://securityaffairs.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 27 Dec 2022 01:09:37 GMT
server
ATS/9.1.10.25
cookie_sync
prebidserver.pixfuture.com/
792 B
1 KB
XHR
General
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1d6693b7186c190fb6f7b0f65ae79fd4fe3cc66281a3c322e1317b6860175e95

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
792
expires
0
auction
prebidserver.pixfuture.com/openrtb2/
488 B
817 B
XHR
General
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c5b7378b6dc524541e093b06e83f0412e06763d04448bdcde3d2a3c9a89c5055

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
488
expires
0
hb
ssc.33across.com/api/v1/
87 B
352 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cf8b979a23e3a51f619b4ff5a964c840d0ec6ccce7887fe8432801365f6210f3

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
ap.lijit.com/rtb/
24 B
406 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
568216c1a962852e47fe4daef7ae42a0a46529df67bed8afd68d58f836f93436

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Dec 2022 01:09:37 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
prg.smartadserver.com/prebid/
0
341 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
btlr.sharethrough.com/universal/
0
159 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.128.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-128-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
arj
pixfuture2-d.openx.net/w/1.0/
73 B
380 B
XHR
General
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ba89f84f-f69b-4b54-a3d8-ae752ea13d33&nocache=1672103377380&id5id=0&pubcid=782acc94-2fc3-4314-bd62-ae66116feb94&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=300x600&divids=24271x300x600x4142x_ADSLOT1&aucs=&auid=540580843&tps=bXlrZXl3b3JkPXNlY3VyaXR5LGFmZmFpcnMscmVhZCx0aGluayxzaGFyZSxzZWN1cml0eSxpcyxldmVyeW9uZXMscmVzcG9uc2liaWxpdHlzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPXNlY3VyaXR5LGFmZmFpcnMscmVhZCx0aGluayxzaGFyZSxzZWN1cml0eSxpcyxldmVyeW9uZXMscmVzcG9uc2liaWxpdHlzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a22ce03d5ba74882887f0a3a0ee01f056de55f918d06af1eec8c681142de9358

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
435 B
997 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=10&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=782acc94-2fc3-4314-bd62-ae66116feb94%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&kw=security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs&tg_i.domain=securityaffairs.com&tg_i.cat=IAB12%2CIAB19-18&tg_i.sectioncat=IAB12%2CIAB19-18&tg_i.pagecat=IAB12%2CIAB19-18&tg_i.page=https%3A%2F%2Fsecurityaffairs.com%2F&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=ba89f84f-f69b-4b54-a3d8-ae752ea13d33&l_pb_bid_id=187cb6ff4403f9b&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4357855860798654
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7f13fad6fb28d7b981e0e44036de03360ef1d665d13e4a25dc4e8d6c66c15f9b

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
435
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
986 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
AN-X-Request-Uuid
f4419491-525b-49df-b78f-7a4dc8de64a0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
299 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
962ddee0134b50d472f8f59559be59134ae74b7071edd88dc78cf437d9f2a6bf

Request headers

Referer
https://securityaffairs.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
content-length
66
trinity.json
apex.go.sonobi.com/
95 B
850 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2225fd174082c44ff%22%3A%220c07315beafa66a777b4%7C300x600%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&s=d8171d29-061c-496c-9873-802950d2f6ec&pv=f86a7542-315b-4e70-80d5-f8f28c716508&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22cat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22sectioncat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22pagecat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F%22%2C%22keywords%22%3A%22security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%229d22d228-c4a8-4959-9005-d7ca2da6a4d1%22%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22782acc94-2fc3-4314-bd62-ae66116feb94%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22782acc94-2fc3-4314-bd62-ae66116feb94%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
368b78c4589f777d846d5bb40672d37711ca6e781fb5e354ad4dddf04946806b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-181
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
62 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
63c76ce36e998a627ba74107d434b4678ebc1d2828be4fe8dff39d8e87b52d34

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 27 Dec 2022 01:09:37 GMT
auction
prebidserver.pixfuture.com/openrtb2/
488 B
817 B
XHR
General
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
19d185128f5f3137d085ed61824c45d928ff2cfedb00ca02034c1ad6f08cc307

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
488
expires
0
prebid
prebid.media.net/rtb/
1 KB
789 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
346d95c8828100faeab4b18adaf0123c6ca7589c09f1d05c0a36e94ee2c84692

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 27 Dec 2022 01:09:37 GMT
v1
prg.smartadserver.com/prebid/
0
341 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
arj
pixfuture2-d.openx.net/w/1.0/
73 B
145 B
XHR
General
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=856b2bcf-d421-402d-af9e-3a7d25be0943&nocache=1672103377398&id5id=0&pubcid=782acc94-2fc3-4314-bd62-ae66116feb94&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C9d22d228-c4a8-4959-9005-d7ca2da6a4d1%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPXNlY3VyaXR5LGFmZmFpcnMscmVhZCx0aGluayxzaGFyZSxzZWN1cml0eSxpcyxldmVyeW9uZXMscmVzcG9uc2liaWxpdHlzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPXNlY3VyaXR5LGFmZmFpcnMscmVhZCx0aGluayxzaGFyZSxzZWN1cml0eSxpcyxldmVyeW9uZXMscmVzcG9uc2liaWxpdHlzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c38428407d272954db890b91001b8bac74826ca947893c7303d40b2cc2fc00a7

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
160 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.128.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-128-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/
435 B
768 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,9d22d228-c4a8-4959-9005-d7ca2da6a4d1,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=782acc94-2fc3-4314-bd62-ae66116feb94%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&kw=security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs&tg_i.domain=securityaffairs.com&tg_i.cat=IAB12%2CIAB19-18&tg_i.sectioncat=IAB12%2CIAB19-18&tg_i.pagecat=IAB12%2CIAB19-18&tg_i.page=https%3A%2F%2Fsecurityaffairs.com%2F&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=856b2bcf-d421-402d-af9e-3a7d25be0943&l_pb_bid_id=46f6d2e7b1efd37&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5874389111128668
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bf835f9b130742e1753bebbb39051d39adb607a509a7f2ce48775242e1336cf1

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
435
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/
87 B
169 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
307eddac06e7be340e3c1664d6e731163741a7c2b8d5e39e6aba450b9ece1fb4

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trinity.json
apex.go.sonobi.com/
30 B
621 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2250d771d467186da%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&s=9f4af59e-8e86-4eb2-a71f-a83e7f98e568&pv=f86a7542-315b-4e70-80d5-f8f28c716508&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22cat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22sectioncat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22pagecat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F%22%2C%22keywords%22%3A%22security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%229d22d228-c4a8-4959-9005-d7ca2da6a4d1%22%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22782acc94-2fc3-4314-bd62-ae66116feb94%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22782acc94-2fc3-4314-bd62-ae66116feb94%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-106
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/
94 B
504 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d93b2b41f4480c58d5826cb91570ccdbf3bf7d9a9837b40b12e093b7fc9af976

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Dec 2022 01:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
translator
hbopenbid.pubmatic.com/
0
118 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
19 B
986 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
AN-X-Request-Uuid
3fbafe3b-fed2-4221-b98c-ef0f68e398e2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebidserver.pixfuture.com/openrtb2/
489 B
818 B
XHR
General
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
352fe5c75144450662c5485e7a62bc544009db6cee45689090822e5c44ae1790

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
489
expires
0
arj
pixfuture2-d.openx.net/w/1.0/
73 B
145 B
XHR
General
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f99be896-62f9-4dc2-a601-9747745029d4&nocache=1672103377408&id5id=0&pubcid=782acc94-2fc3-4314-bd62-ae66116feb94&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C9d22d228-c4a8-4959-9005-d7ca2da6a4d1%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPXNlY3VyaXR5LGFmZmFpcnMscmVhZCx0aGluayxzaGFyZSxzZWN1cml0eSxpcyxldmVyeW9uZXMscmVzcG9uc2liaWxpdHlzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPXNlY3VyaXR5LGFmZmFpcnMscmVhZCx0aGluayxzaGFyZSxzZWN1cml0eSxpcyxldmVyeW9uZXMscmVzcG9uc2liaWxpdHlzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
eea0b6a5c8fdacdbdf857bdd2e23134c7d4609d24f786f076551790e8b157e14

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
435 B
767 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,9d22d228-c4a8-4959-9005-d7ca2da6a4d1,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=782acc94-2fc3-4314-bd62-ae66116feb94%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&kw=security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs&tg_i.domain=securityaffairs.com&tg_i.cat=IAB12%2CIAB19-18&tg_i.sectioncat=IAB12%2CIAB19-18&tg_i.pagecat=IAB12%2CIAB19-18&tg_i.page=https%3A%2F%2Fsecurityaffairs.com%2F&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=f99be896-62f9-4dc2-a601-9747745029d4&l_pb_bid_id=68d87a1b0c05fec&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7001197878465155
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
50dbc0ac0b082f35ffb5c174090e6ae253f43f82d491a862f55a4e2f4a73728e

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
435
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/
0
159 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.128.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-128-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/
0
62 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
19 B
986 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
AN-X-Request-Uuid
1e1cb633-a414-48bc-9117-2d9c9cb201a5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/
87 B
184 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9a99fb70fee24aae2df32c9d1cec103b505c168d3f56af0454ef922785dff1de

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
prebid.media.net/rtb/
1 KB
790 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
caa7cd282834db10f0f18d146f312255ac4768c702b713744750ae06fc3f2689

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 27 Dec 2022 01:09:37 GMT
v1
prg.smartadserver.com/prebid/
0
341 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/
24 B
406 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
be854a921acf62d8673ff6c6725a6eddfbace003185c26146424fb5e98a323e8

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Dec 2022 01:09:37 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/
30 B
619 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228524caa8fb1c7a6%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&s=168b3ca1-7172-4ad6-986d-9404a95126d7&pv=f86a7542-315b-4e70-80d5-f8f28c716508&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22cat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22sectioncat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22pagecat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F%22%2C%22keywords%22%3A%22security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%229d22d228-c4a8-4959-9005-d7ca2da6a4d1%22%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22782acc94-2fc3-4314-bd62-ae66116feb94%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22782acc94-2fc3-4314-bd62-ae66116feb94%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-85
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://securityaffairs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://securityaffairs.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 27 Dec 2022 01:09:37 GMT
server
ATS/9.1.10.25
auction
prebidserver.pixfuture.com/openrtb2/
488 B
817 B
XHR
General
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a536fed03d8e302bf358c6b44fd9067b9cf9af93b107cf0f57c9d6903e8b1af5

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
488
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
434 B
768 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=2&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,9d22d228-c4a8-4959-9005-d7ca2da6a4d1,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=782acc94-2fc3-4314-bd62-ae66116feb94%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&kw=security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs&tg_i.domain=securityaffairs.com&tg_i.cat=IAB12%2CIAB19-18&tg_i.sectioncat=IAB12%2CIAB19-18&tg_i.pagecat=IAB12%2CIAB19-18&tg_i.page=https%3A%2F%2Fsecurityaffairs.com%2F&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=63f2f33a-38de-4f66-86b8-d35e2bc87c09&l_pb_bid_id=943856af5c642a6&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.671092270953288
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1f403ff96b227d172893ae79a59cc74884b58a254f7d9e73b7ffc2cfec21365d

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
434
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
pixfuture2-d.openx.net/w/1.0/
73 B
145 B
XHR
General
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=63f2f33a-38de-4f66-86b8-d35e2bc87c09&nocache=1672103377422&id5id=0&pubcid=782acc94-2fc3-4314-bd62-ae66116feb94&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C9d22d228-c4a8-4959-9005-d7ca2da6a4d1%2C%2C&aus=728x90&divids=24274x728x90x4142x_ADSLOT1&aucs=&auid=540580842&tps=bXlrZXl3b3JkPXNlY3VyaXR5LGFmZmFpcnMscmVhZCx0aGluayxzaGFyZSxzZWN1cml0eSxpcyxldmVyeW9uZXMscmVzcG9uc2liaWxpdHlzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPXNlY3VyaXR5LGFmZmFpcnMscmVhZCx0aGluayxzaGFyZSxzZWN1cml0eSxpcyxldmVyeW9uZXMscmVzcG9uc2liaWxpdHlzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
93c49eb7a1b379a2eaed44b734895c41b2b8d2c2709c4f9630ac7ee719e6dfb7

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
892023286b2e695f67cd85296c61db2b63581a5021d21cbec334b25b9b9a12b3

Request headers

Referer
https://securityaffairs.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
content-length
66
prebid
prebid.media.net/rtb/
1 KB
789 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
25a885bb897c6c42f7d0fc0aeb5b92844f0fa26653645061b43ec05d9d835e79

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 27 Dec 2022 01:09:37 GMT
v1
prg.smartadserver.com/prebid/
0
341 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/
0
62 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/
96 B
851 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221063bfe3378a8699%22%3A%22951d83dd852c9348161e%7C728x90%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress&s=cd7ca416-420a-4d40-a86f-ab434e3f8941&pv=f86a7542-315b-4e70-80d5-f8f28c716508&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22cat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22sectioncat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22pagecat%22%3A%5B%22IAB12%2CIAB19-18%22%5D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F%22%2C%22keywords%22%3A%22security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%229e74e274-72db-4024-b8df-87638db79c43%22%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%22782acc94-2fc3-4314-bd62-ae66116feb94%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22782acc94-2fc3-4314-bd62-ae66116feb94%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=security%2Caffairs%2Cread%2Cthink%2Cshare%2Csecurity%2Cis%2Ceveryones%2Cresponsibilitysecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ed7456fe60284e3f50f6e299421d0c682133dd385f57d6cf94eaafe45ea11c67
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-165
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/
95 B
505 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ca64026e7801799184072a008584a94e4303606534905e32c6d81f9abac15241

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Dec 2022 01:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
btlr.sharethrough.com/universal/
0
159 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.128.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-128-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/
87 B
179 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b42ca68bd8f69e1977a6aa617fce074926cfaa7a81fd1c690bafe47c037df05c

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/
19 B
986 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:37 GMT
AN-X-Request-Uuid
70e4b0be-1775-42df-870a-1eead1979763
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebidserver.pixfuture.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=cd1da563-5f45-4d79-a662-88b9eb72e77d
86 B
576 B
Image
General
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=cd1da563-5f45-4d79-a662-88b9eb72e77d
Protocol
HTTP/1.1
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=cd1da563-5f45-4d79-a662-88b9eb72e77d
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
setuid
prebidserver.pixfuture.com/ Frame F1AD
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
489 B
Document
General
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 27 Dec 2022 01:09:37 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

cache-control
no-store
content-length
0
location
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D004
0
0

pxft_iel.js
cdn.pixfuture.com/
5 KB
5 KB
Script
General
Full URL
https://cdn.pixfuture.com/pxft_iel.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
119828
cf-bgj
minify
last-modified
Fri, 09 Dec 2022 15:37:52 GMT
server
cloudflare
etag
W/"63935650-139c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lpt41oQL1rkRTr1PA8SEkm6Kx6%2BR4L9ml3W%2F5%2FPlWJmyvBzbYDEoaKC1EfRKIMFyb2cR5VBMx9sDaqFlP701Ho79Y1iQTkL2dnkbK4%2FDPlKM5qEq8S9c7OE7kmP63jMR92Go%2BFtzDST9kqC9O3x5"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
77fe2bff584091e7-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 27 Dec 2022 15:52:08 GMT
tag.min.js
get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/
26 KB
9 KB
Script
General
Full URL
https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 07:08:47 GMT
content-encoding
gzip
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-amz-version-id
0Wki3095rBiC8xDP56.qUYf2JNRTRIn7
last-modified
Mon, 07 Nov 2022 19:46:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
64851
etag
W/"34bbd675e8b425becff971d5a4756c10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
CYyskmulAXfN7Po26erkhb8xwshyoKQrEhPLybf-WCMPlMrrB9PA3g==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 76D1
99 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d6a67b9961421818946cfc5130d4d1a52197f5d3576f580c3664509114ba665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34206
x-xss-protection
0
server
cafe
etag
14425109086895636099
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 01:09:37 GMT
/
onetag-geo.s-onetag.com/
555 B
961 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amzn-requestid
9f522746-4c2a-4b76-986a-cb5f280681e2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
dx_Y1EMSCYcFycg=
content-length
555
x-amz-cf-id
Et3CdlfKku51TJaGcoo4MemFSwW_tFm7CtoV5rhBPvqCv2bG3a2zUg==
beacon.min.js
signal-beacon.s-onetag.com/
20 KB
7 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
date
Tue, 27 Dec 2022 01:02:00 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
458
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
lCSfc-MYpXlMK21Hto1W0-brRB1BhrC07PGCFq3bb6K-CNKfn2v1GQ==
%2F
signal-segments.s-onetag.com/desktop/securityaffairs.com/
0
295 B
Fetch
General
Full URL
https://signal-segments.s-onetag.com/desktop/securityaffairs.com/%2F
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-32.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:54:08 GMT
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
929
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
0
apigw-requestid
dx9HqiLviYcEJGA=
x-amz-cf-id
wULPaLdBVeRCXT4v3ZWhjd-9ZUoKatndZZlUBRVdqEtgQyo7-U5KJA==
securityaffairs.com
signal-segments.s-onetag.com/desktop/
0
291 B
Fetch
General
Full URL
https://signal-segments.s-onetag.com/desktop/securityaffairs.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-32.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:54:08 GMT
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
929
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
0
apigw-requestid
dx9HqiOkiYcEa1Q=
x-amz-cf-id
raQmNCjfTchh99zijrsVmdRipa05BnadnWMGm914rW7xg363rsSuVA==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0496
99 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c609ac35700d2a28782fed2856910816281bf5157449e7b10c3b950643a4f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34204
x-xss-protection
0
server
cafe
etag
2987109380576154481
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 01:09:37 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ Frame 76D1
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071276
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
563fd70c2f98ba30da5563f89eb586ceea7ce17483adc043b29d5578e59cc430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119791
x-xss-protection
0
server
cafe
etag
6677553940216668255
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 01:09:37 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 93EC
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
1 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b9356dfe417eec1612548346667d4edb28ce3e9d5c12b664bc9eaae005edda18

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 01:09:38 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-936

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 27 Dec 2022 01:09:38 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-936
/
onetag-geo.s-onetag.com/
555 B
960 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amzn-requestid
9f522746-4c2a-4b76-986a-cb5f280681e2
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
dx_Y1EMSCYcFycg=
content-length
555
x-amz-cf-id
GbmoKtY4rq7zLgkXhRH7YWE4QWFzB7np6ASBP391CXex0JREu3m6tw==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ Frame 0496
356 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6870ed2fb04fa82527303e6207db1d97d05dc0f77c1b70c142653cb89894e435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120019
x-xss-protection
0
server
cafe
etag
5639507909205599716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 01:09:37 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 781D
99 KB
33 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a63ee3b92d7482349efb8ad543314071173786873b6d5b0f0902113fd21e8cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34204
x-xss-protection
0
server
cafe
etag
2833412719296188992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 01:09:38 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0496
405 B
703 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-1575911585432548&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfd1698fe4010e21a5ec948c565d734f8b8062c92f9f4d51f1a7bb5297ee92b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 0496
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0496
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0846
96 KB
37 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97dd97389f5a4a645f27a44dbce9b7f21cd7a93fe0a4c85715af5f7a38cb41a3
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLO5gr_OmPwCFc4AiwodqEUMiQ&gqi=0kWqY5vHA-v-7_UP_oK72AY&layout=/sadbundle/%24csp%253Der3%24/11420239048482543822/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
37062
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLO5gr_OmPwCFc4AiwodqEUMiQ&gqi=0kWqY5vHA-v-7_UP_oK72AY&layout=/sadbundle/%24csp%253Der3%24/11420239048482543822/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 01:09:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 76D1
405 B
325 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-1575911585432548&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97d7876ce0d8fa5392fb52224a025a7ca47976efcdbd58290984e043e3433c60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 76D1
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 76D1
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FD0C
64 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fe05c0b2206d60309ed581b6497048b23e4f62c1b03cbc9d4d2deed7ceaf7a8
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLq1hL_OmPwCFQuFgwcdNHwEsQ&gqi=0kWqY4jCBZCE9u8PseKJmAY&layout=/sadbundle/%24csp%253Der3%24/4687128324995022848/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
22375
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLq1hL_OmPwCFQuFgwcdNHwEsQ&gqi=0kWqY4jCBZCE9u8PseKJmAY&layout=/sadbundle/%24csp%253Der3%24/4687128324995022848/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 01:09:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ Frame 781D
356 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071220
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c7e415acbb8a3fe3d15def18e3063ad4b47bfa84600a5549b99f86a231032df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120012
x-xss-protection
0
server
cafe
etag
16993150775952587847
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 01:09:38 GMT
ptag
a.audrte.com/ Frame 93EC
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f10fb414f3be567ed6b98259b9639806a54a13fb106dd1194949c499cfcdba0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:38 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1646
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 93EC
566 B
521 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:37 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 26 Dec 2027 01:09:37 GMT
us
sync.go.sonobi.com/ Frame 93EC
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Debbe1f966e28985b%26uid%3D%24UID&partner=eplanning
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mMGE2ZTQwNi05YmNhLTMwM2MtOWM5Ny03ODBlMjA1YzI...
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mMGE2ZTQwNi05YmNhLTMwM2MtOWM5Ny03ODBlMjA1YzIzYWMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZWJiZTFmOTY2ZTI4OTg1YiZ1aWQ9dWEtZjBhNmU0MDYtOWJjYS0zMDNjLTljOTctNzgwZTIwNWMyM2FjMgISDDgB
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:39 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-192
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mMGE2ZTQwNi05YmNhLTMwM2MtOWM5Ny03ODBlMjA1YzIzYWMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZWJiZTFmOTY2ZTI4OTg1YiZ1aWQ9dWEtZjBhNmU0MDYtOWJjYS0zMDNjLTljOTctNzgwZTIwNWMyM2FjMgISDDgB
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
v1
match.sharethrough.com/universal/ Frame 93EC
0
35 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.254.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-254-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
usync.html
eus.rubiconproject.com/ Frame EBBF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Dec 2022 01:09:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 27 Dec 2022 01:09:38 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 7717
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c37722665c0670fba131d376b8817a758deb29747ec5ab6223252cdba32aaf

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77fe2c01ab4f9bb8-FRA
content-encoding
br
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptoVIa7B1dWeGs7Ommqdvrsum3TI6Trd0wQBd7mdCwGr6xfK%2FIaGV536QAI%2FsFmZI3SE9aope84VWUjmEg5eQ3824PibYW%2BojzXwY7SlKAeJpQNp0cnuZp7o%2FKZ6ooQmdUICQdz1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77fe2c017ab89107-FRA
content-length
0
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DByolG6VN%2FCsfSQhqkt3PfmsAbngXcHaWUU5CnpF5%2FsoJsDrFB5aqPx7uW7TNtotLSoUs3VtSf98eacE%2F5zy3tD4iT%2BZWb6QPzKwdqLczZQmTjtavOD8QlfuTv440nCKAJhhrIl2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 46E7
1 KB
999 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
etag
W/"61ddbb71-5f5"
expires
Wed, 20 Oct 2027 17:11:26 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
3fb6b1551d6ce7b94c409dd63b6a9767
x-cf-tsc
1666372287
x-cf1
29080:fF.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 34EE
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 1985
9 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5cdb35680f8c210401c6af7efe597b978735ab2775746334ed14f94896505d2

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
77fe2c0178179000-FRA
content-encoding
br
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
server
cloudflare
vary
Origin
via
1.1 google
cookie.js
partner.googleadservices.com/gampad/ Frame 781D
405 B
281 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-1575911585432548&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
874072fff133aab13c56d84b6d8e48d025295c234af0251dd270971ec74482a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
259
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 781D
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 781D
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 54FE
75 KB
29 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
877fa53fbb42d19a3afafb18daf7bd0ad0432770ffbc8890aef478063a9b2dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
29092
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 01:09:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
getuid
ib.adnxs.com/ Frame 1985
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 1985
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=1547b942-12bc-47cf-a47b-20940e7892c9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=1547b942-12bc-47cf-a47b-20940e7892c9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c0268e59000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 27 Dec 2022 01:09:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=1547b942-12bc-47cf-a47b-20940e7892c9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 1985
0
331 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1985
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 1985
0
166 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1672103378.244614,VS0,VE8
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn-etou8220050-HHN
u
dmp.v.fwmrm.net/ad/ Frame 1985
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:363e:3490:f8eb:b263 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1985
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D61637e58-9d4a-4515-660f-55dd698f0260%26reqId%3D3acc5d2c-5048-4ecd-6425-a283ba5a59e1%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 Dec 2022 01:09:36 GMT
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=514039a0-0c78-461d-9329-508d04ef129f&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=514039a0-0c78-461d-9329-508d04ef129f&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c0359a59000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=514039a0-0c78-461d-9329-508d04ef129f&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=61637e58-9d4a-4515-660f-55dd698f0260&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=61637e58-9d4a-4515-660f-55dd698f0260&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=47553317289599480911205018753044821649&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=47553317289599480911205018753044821649&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c086e539000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v045-09e3db1c5.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
IwYEte1QSB0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=47553317289599480911205018753044821649&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 1985
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=61637e58-9d4a-4515-660f-55dd698f0260&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022122702-88081-0.303706001672103378-fb4427e4b5197590e3c09dcda681b768&zdid=533&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022122702-88081-0.303706001672103378-fb4427e4b5197590e3c09dcda681b768&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c0289169000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022122702-88081-0.303706001672103378-fb4427e4b5197590e3c09dcda681b768&zdid=533&env=mWeb
Date
Tue, 27 Dec 2022 01:09:38 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7181629324047874194&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7181629324047874194&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c0258c69000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7181629324047874194&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Date
Tue, 27 Dec 2022 01:09:38 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 1985
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=61637e58-9d4a-4515-660f-55dd698f0260
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=61637e58-9d4a-4515-660f-55dd698f0260
95 B
122 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=61637e58-9d4a-4515-660f-55dd698f0260
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 27 Dec 2022 01:09:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=61637e58-9d4a-4515-660f-55dd698f0260
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=61637e58-9d4a-4515-660f-55dd698f0260&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=61637e58-9d4a-4515-660f-55dd698f0260&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=UaaeDbNkaenzniW7x.Z40e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4e...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=UaaeDbNkaenzniW7x.Z40e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c0369ab9000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
via
1.1 google
last-modified
Tue, 27 Dec 2022 01:09:38 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=UaaeDbNkaenzniW7x.Z40e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 1985
0
84 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=61637e58-9d4a-4515-660f-55dd698f0260&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
tpid=61637e58-9d4a-4515-660f-55dd698f0260
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 1985
49 B
266 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=61637e58-9d4a-4515-660f-55dd698f0260?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.154
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-dbM1e_tE2oqZh00NbtzHa6qwlIhFZa8Txw--~A&zpartnerid=570&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-dbM1e_tE2oqZh00NbtzHa6qwlIhFZa8Txw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c044a899000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-dbM1e_tE2oqZh00NbtzHa6qwlIhFZa8Txw--~A&zpartnerid=570&env=mWeb
date
Tue, 27 Dec 2022 01:09:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1jt9wbSA4YTmeR7FWRGmM9a%2BS41iYitP1U%3D
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1jt9wbSA4YTmeR7FWRGmM9a%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c02088d9000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1jt9wbSA4YTmeR7FWRGmM9a%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 1985
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=61637e58-9d4a-4515-660f-55dd698f0260&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 1985
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.136.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-136-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
beacon-n017-dub-prod.krxd.net
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1672103378
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 1985
95 B
361 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=61637e58-9d4a-4515-660f-55dd698f0260&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Tue, 27 Dec 2022 01:09:38 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y6pF0gAGgYicXwAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a28...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y6pF0gAGgYicXwAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&_test=Y6pF0gAGgYicXwAe
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c048abe9000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-hhn-etou8220031-HHN
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1672103379.621625,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y6pF0gAGgYicXwAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&_test=Y6pF0gAGgYicXwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=d76563aa-45d3-4300-a2c2-38241bf5d3fb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=d76563aa-45d3-4300-a2c2-38241bf5d3fb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c069cb49000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Tue, 27 Dec 2022 01:09:38 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=d76563aa-45d3-4300-a2c2-38241bf5d3fb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Tue, 27 Dec 2022 01:09:37 GMT
usermatch.gif
beacon.krxd.net/ Frame 1985
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
34.248.136.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-136-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
beacon-n003-dub-prod.krxd.net
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1672103378
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
date
Tue, 27 Dec 2022 01:09:38 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a018-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1985
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=61637e58-9d4a-4515-660f-55dd698f0260&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=61637e58-9d4a-4515-660f-55dd698f0260&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=61637e58-9d4a-4515-660f-55dd698f0260&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EMXHZY9255NGJSCGENRA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7C9YEDC3J851P11W0QDQ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=61637e58-9d4a-4515-660f-55dd698f0260&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 1985
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=61637e58-9d4a-4515-660f-55dd698f0260&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D616...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c057bbf9000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
date
Tue, 27 Dec 2022 01:09:38 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=61637e58-9d4a-4515-660f-55dd698f0260&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f...
  • https://mwzeom.zeotap.com/mw?cid=LC5J6FCK-1N-1XVN&env=mWeb&zpartnerid=1770&gdpr=1
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=LC5J6FCK-1N-1XVN&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c043a869000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LC5J6FCK-1N-1XVN&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 1985
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=61637e58-9d4a-4515-660f-55dd698f0260&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=cd1da563-5f45-4d79-a662-88b9eb72e77d&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4...
95 B
162 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=cd1da563-5f45-4d79-a662-88b9eb72e77d&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c02088e9000-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=cd1da563-5f45-4d79-a662-88b9eb72e77d&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame 1985
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c045a9a9000-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 1985
557 B
468 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac25f06eaea173ab8f41d4fc940ae2b161113d71676f340510372e4d1da487c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
77fe2c01d8699000-FRA
access-control-allow-headers
*
usermatchredir
ssum-sec.casalemedia.com/ Frame 7717
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECDFNO0oieoouVRh99A6vf0&google_cver=1
43 B
885 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECDFNO0oieoouVRh99A6vf0&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68flgTgEAMzFUeEJJfkMnF2saCG6gZTG9DPrKn%2FJD9CMsG3pIUv3%2BEfsiGLgv0GzyNuFK%2BEXHQOvWJJBPzN0sjnHu85DsA7IEph0mPeGfb2KBPblXtkILYNP6wyr%2F%2BtdgJhujFIqhreDYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77fe2c02681590fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECDFNO0oieoouVRh99A6vf0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7717
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7717
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6pF0hYELjUEWCLEfBNwuwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFQzi_VxkWm9vfsX5to8EXU&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFQzi_VxkWm9vfsX5to8EXU&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFQzi_VxkWm9vfsX5to8EXU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7717
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6PNHVP058HWP5TA1F0RM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XZ0JVNP7HB19JVX71YW8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6pF0hYELjUEWCLEfBNwuwAAFC8AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7717
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3185414693727396622
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3185414693727396622
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3185414693727396622
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7717
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Tue, 27 Dec 2022 01:09:38 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 7717
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687828178&external_user_id=663f8539-6f73-4305-932e-cd7305dd9318
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687828178&external_user_id=663f8539-6f73-4305-932e-cd7305dd9318
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687828178&external_user_id=663f8539-6f73-4305-932e-cd7305dd9318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
demconf.jpg
dpm.demdex.net/ Frame 7717
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6pF0hYELjUEWCLEfBNwuwAA%265167?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6pF0hYELjUEWCLEfBNwuwAA%265167
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6pF0hYELjUEWCLEfBNwuwAA%265167
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
3.248.100.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-100-224.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
A88X3zpJRa4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-034f2d6c4.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fW3QZjPlR44=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6pF0hYELjUEWCLEfBNwuwAA%265167
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
um
u-ams03.e-planning.net/ Frame 7717
42 B
104 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=ebbe1f966e28985b&uid=Y6pF0hYELjUEWCLEfBNwuwAA%265167
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Debbe1f966e28985b%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

server
openresty
date
Tue, 27 Dec 2022 01:09:38 GMT
content-type
image/gif
cmp
spl.zeotap.com/ Frame 1985
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
77fe2c02088a9000-FRA
date
Tue, 27 Dec 2022 01:09:38 GMT
server
cloudflare
vary
Origin
via
1.1 google
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
728 KB
64 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22dc7c8c81b9f9f71547187665865406a2b782c54b0bc43d26f3a823987abd32
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
481916
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
63764
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 11:17:42 GMT
expires
Thu, 21 Dec 2023 11:17:42 GMT
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2DC1
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FD0C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
33476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FD0C
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
45388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
usync.js
eus.rubiconproject.com/ Frame EBBF
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb5eaee534603a65897417e25029bcf8110a5ff3005d6254bf27d42f78f343e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2022 20:47:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70668
Connection
keep-alive
Content-Length
10067
Expires
Tue, 27 Dec 2022 20:47:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2DC1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 01:09:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
128 KB
19 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd298437672a1357401c64c034cbee391fcb9e6c5d8d1dd7663f82737b911e02
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
27958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
19812
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 17:23:40 GMT
expires
Tue, 26 Dec 2023 17:23:40 GMT
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 0846
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
45388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame EBBF
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=LC5J6FCK-1N-1XVN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
css
fonts.googleapis.com/ Frame 4558
6 KB
601 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:800,300,600,700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 01:02:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 01:09:38 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4558
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 10:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 27 Dec 2022 10:31:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4558
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
55720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 27 Dec 2022 09:40:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD0C
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=2470624294&adf=1480696135&pi=t.ma~as.1139220782&w=320&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377935&bpp=11&bdt=113&idt=134&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=1160687499&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=253&biw=1600&bih=1200&isw=320&ish=50&ifk=478963076&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31071276%2C44780792&oid=2&pvsid=1027461828469942&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xu3houbsy59j&fsb=1&xpc=wWrUTYds3l&p=https%3A//securityaffairs.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 01:09:38 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 65E3
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 10:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 27 Dec 2022 10:31:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 65E3
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
55720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 27 Dec 2022 09:40:58 GMT
truncated
/ Frame FD0C
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24d269e3a7fb59704f63823b9ddca4d58e09913f76c51602e33ee5f5fd4d43ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 54FE
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
45384
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 54FE
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
45388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 54FE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
33476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 54FE
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
45388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 54FE
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 01:09:38 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 54FE
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 16:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 26 Mar 2023 16:52:04 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 37AB
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0846
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
33476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 15:51:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0846
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
45388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 12:33:10 GMT
11711248663230755333
tpc.googlesyndication.com/daca_images/simgad/ Frame 54FE
31 KB
31 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11711248663230755333?w=360&h=640
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99000638b24eb9cb48b3fdf6a83a0cf5ae3455d8c1f7dfcbff20e7e7599e1fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 07:02:35 GMT
x-content-type-options
nosniff
age
65223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31749
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 04:51:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 02 Jan 2023 07:02:35 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 4558
45 KB
45 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:800,300,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:58:51 GMT
x-content-type-options
nosniff
age
33047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 15:58:51 GMT
pixel
cm.g.doubleclick.net/ Frame EBBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2YyMmNkMTJmNzQyMzY2YTNhZGFlOTFiN2U3ZTljNWQ4ZTU2ODg3Nw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2YyMmNkMTJmNzQyMzY2YTNhZGFlOTFiN2U3ZTljNWQ4ZTU2ODg3Nw
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2YyMmNkMTJmNzQyMzY2YTNhZGFlOTFiN2U3ZTljNWQ4ZTU2ODg3Nw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame EBBF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EU5imzPjRei3XYDCCYYYlg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=EU5imzPjRei3XYDCCYYYlg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=EU5imzPjRei3XYDCCYYYlg
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4F2AZ39RFQ4TWWSC5FAE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=EU5imzPjRei3XYDCCYYYlg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame EBBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC5J6FCK-1N-1XVN
0
707 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC5J6FCK-1N-1XVN
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7BA4FBCCBD9D43B6A00BFE8489AC4820 Ref B: FRAEDGE1118 Ref C: 2022-12-27T01:09:38Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwxOfqmAbsBhxxXN5CRQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC5J6FCK-1N-1XVN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EBBF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qAdjQakOQ9-wzeETtHYlfA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=qAdjQakOQ9-wzeETtHYlfA
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=qAdjQakOQ9-wzeETtHYlfA
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3TYZQ75P6DZSJSHK0V5B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=qAdjQakOQ9-wzeETtHYlfA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame EBBF
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame EBBF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGihPrFxf3Ag2rOJAAatGeE&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGihPrFxf3Ag2rOJAAatGeE&google_cver=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGihPrFxf3Ag2rOJAAatGeE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame EBBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vuvrwZaOiwAdZ6JWbXBLI8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ks4Dh7xE2oLBqlz3eojgcv6LZiO8YM5A7rJFVQ--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ks4Dh7xE2oLBqlz3eojgcv6LZiO8YM5A7rJFVQ--~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 27 Dec 2022 01:09:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ks4Dh7xE2oLBqlz3eojgcv6LZiO8YM5A7rJFVQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame EBBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM1SjZGQ0stMU4tMVhWTg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM1SjZGQ0stMU4tMVhWTg==
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM1SjZGQ0stMU4tMVhWTg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 37AB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 01:09:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 54FE
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d681073adc093b62da9956b286140ad5c20706ca32917b5860b1b0da930ab0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0846
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 01:09:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 781D
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
489d3f86c7501555f04d2c93bc927ee70558938a4f6bba81a0a8675d3e6beba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11302
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 76D1
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6f26704b21c23b184d5415936006d9d80c900ff96b8519dd839055d6ea7cfe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11204
x-xss-protection
0
truncated
/ Frame 0846
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cec4b3c731ccda8a6a35e78502f306f06d4260d8d674e70951697fa08239ebd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 67AC
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=600&slotname=4962259768&adk=4138523913&adf=1480696130&pi=t.ma~as.4962259768&w=300&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103378089&bpp=14&bdt=87&idt=84&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=1&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=411543336&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1020&biw=1600&bih=1200&isw=300&ish=600&ifk=2245866495&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071220%2C44779794%2C44780792&oid=2&pvsid=814582641199474&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1i1vjyb7j50s&fsb=1&xpc=Xg2IovyTf6&p=https%3A//securityaffairs.com&dtd=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 23:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Dec 2023 23:24:06 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 93EC
52 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fcd745d749ae23c93b08e67902b0e7e200c55582089d889836cf17eafdafa79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 17:05:42 GMT
content-encoding
gzip
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 18:00:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
29036
x-amz-server-side-encryption
AES256
etag
W/"a52938865ee67aa3c133ae91fed83208"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
B0Oic4JCbKwwgEg1V1pBztWa2aC61Df1yZ7IOMhjOj79Mzmv7evCpA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame A27D
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
etag
W/"601b131c-27c"
expires
Sun, 26 Dec 2027 01:09:38 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
eb2.3lift.com/ Frame 5000
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 27 Dec 2022 01:09:38 GMT
setuid
prebidserver.pixfuture.com/ Frame 08D4
0
597 B
Document
General
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=APOm957h9Xhm-kRu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
0
pragma
no-cache
vary
Origin
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 65E3
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 23:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Dec 2023 23:24:06 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
8 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/logo.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb75061d0529c30262ed4d91a9ede7f2240beecc2d57cff6d8786c51e31d7ab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 17:50:28 GMT
age
199150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2903
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 17:50:28 GMT
claim.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
12 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/claim.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0914db75a93e5db7e499797b18ccc093d66c07ad443e9d44babb957c4af4afc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 17:50:28 GMT
age
199150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3773
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 17:50:28 GMT
cta_text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
8 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/cta_text.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe434a2c8de75429fbf0fae000c368634cd57666ffa5b7b26522d3ea3ded5371
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 17:50:28 GMT
age
199150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2633
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 17:50:28 GMT
cta_pfeil.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
522 B
377 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/cta_pfeil.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed77a1728ca74290e131f1036ab8e5742c2397219a6d82a21544d4bddb87286a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 17:50:28 GMT
age
199150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
347
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 17:50:28 GMT
icon_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
7 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/icon_03.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f41e3e3da3bf9172a9560d07cabfd99f03a22b8a412ea4efa2e93fb22cdcaad8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 17:50:28 GMT
age
199150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2500
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 17:50:28 GMT
icon_03_text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
6 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/icon_03_text.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1219f47acf3eb1ca4e3a7e70fcb621f9efd58e306463dcee644ddfd3cbf7049f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 26 Dec 2022 17:23:40 GMT
age
27958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2278
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Dec 2023 17:23:40 GMT
icon_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
4 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/icon_02.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09b77f9622e7838938c81f834552aa299d4a9839e70fd05b378cdbbe69e06956
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 09:39:05 GMT
age
228633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1921
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 09:39:05 GMT
icon_02_text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
5 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/icon_02_text.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b20f902f67506a2aabe23912bcc7283d074316af0a180435c6e095c2a8accfb3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 17:50:28 GMT
age
199150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2181
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 17:50:28 GMT
icon_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
4 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/icon_01.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428648d74a0dac400cb884a14f167430e62d2b45d1f7c46a6a24706bdff2765f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 26 Dec 2022 17:23:40 GMT
age
27958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1881
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Dec 2023 17:23:40 GMT
icon_01_text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
4 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/icon_01_text.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8ef57b9f34d4f7309b6e329a8aae08306cd53febd2870f546e2fb35a0f46863
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Dec 2022 15:43:18 GMT
age
379580
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1628
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Dec 2023 15:43:18 GMT
produkt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/ Frame 65E3
43 KB
43 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11420239048482543822/produkt.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1672103378&url=https%3A%2F%2Fsecurityaffairs.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672103377953&bpp=10&bdt=76&idt=83&shv=r20221207&mjsv=m202212060101&ptt=5&saldr=sa&correlator=5932078296111&frm=21&ife=1&pv=2&ga_vid=2044728748.1672103377&ga_sid=1672103378&ga_hid=724147139&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1404&biw=1600&bih=1200&isw=728&ish=90&ifk=29117694&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531847%2C31071250%2C44780792&oid=2&pvsid=513558606028828&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.73ez24udbbj1&btvi=1&fsb=1&xpc=1cW3XXFbpZ&p=https%3A//securityaffairs.com&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31905ac0366264e9e5a7f471adc70c8cefad4ce8bd4f321cf2d10888b2faa9d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 25 Dec 2022 16:05:08 GMT
x-content-type-options
nosniff
age
119070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44339
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 09:23:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Dec 2023 16:05:08 GMT
Algovir_Packagings.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Algovir_Packagings.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 25 Dec 2022 11:08:58 GMT
x-content-type-options
nosniff
age
136840
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27097
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Dec 2023 11:08:58 GMT
Check.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
585 B
399 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Check.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 13:35:06 GMT
age
128072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Dec 2023 13:35:06 GMT
CTA_mehr_erfahren_einzeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
5 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/CTA_mehr_erfahren_einzeilig.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 11:18:42 GMT
age
481856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1689
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 11:18:42 GMT
CTA_mehr_erfahren_zweizeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
4 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/CTA_mehr_erfahren_zweizeilig.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 11:18:42 GMT
age
481856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1265
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 11:18:42 GMT
Bubbles.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
15 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Bubbles.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 26 Dec 2022 17:44:06 GMT
x-content-type-options
nosniff
age
26732
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15028
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Dec 2023 17:44:06 GMT
algovir_Visual_Spruehstoss.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/algovir_Visual_Spruehstoss.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 21 Dec 2022 11:17:52 GMT
x-content-type-options
nosniff
age
481906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14241
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 11:17:52 GMT
algovir_flasche.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/algovir_flasche.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 24 Dec 2022 20:47:51 GMT
x-content-type-options
nosniff
age
188507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20835
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 20:47:51 GMT
Viren.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4558
8 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Viren.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 22 Dec 2022 23:01:57 GMT
x-content-type-options
nosniff
age
353261
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7856
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Dec 2023 23:01:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 76D1
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 01:09:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 781D
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 01:09:38 GMT
GS.d
js.cookieless-data.com/ Frame A27D
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1672103378818
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 Noisy-le-Roi, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:39 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0496
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a8478b0780df34dba12773d505b43ef2191c796bb5e55f5f2d6dfc33f81a644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11074
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1ACA
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Dec 2022 01:09:38 GMT
ETag
"623de86a-cf34"
Expires
Wed, 28 Dec 2022 01:09:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9BA1
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Dec 2022 01:09:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0BC8
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Dec 2022 01:09:38 GMT
ETag
"623de86a-cf34"
Expires
Wed, 28 Dec 2022 01:09:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 0F51
0
80 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 582F
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Dec 2022 01:09:38 GMT
ETag
"623de86a-cf34"
Expires
Wed, 28 Dec 2022 01:09:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 5856
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
u.openx.net/w/1.0/ Frame B723
0
80 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame CEBC
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13480300
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 27 Dec 2022 01:09:38 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
checksync.php
contextual.media.net/ Frame 136B
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b48dc7e6e7aa55e0605a89d5bb6dd20a3a513000773f83f9e43352c0ba6c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=145701
content-encoding
gzip
content-length
8318
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Wed, 28 Dec 2022 17:37:59 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame E374
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Dec 2022 01:09:38 GMT
ETag
"623de86a-cf34"
Expires
Wed, 28 Dec 2022 01:09:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame AC26
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP010 /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
server
33XP010
x-33x-status
2000208
checksync.php
contextual.media.net/ Frame 9473
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b48dc7e6e7aa55e0605a89d5bb6dd20a3a513000773f83f9e43352c0ba6c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=145701
content-encoding
gzip
content-length
8318
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Wed, 28 Dec 2022 17:37:59 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame DCAF
0
80 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0B00
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30788
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 09:42:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 30BE
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30788
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 09:42:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 4EE4
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13480300
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 27 Dec 2022 01:09:38 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
checksync.php
contextual.media.net/ Frame A6BB
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b48dc7e6e7aa55e0605a89d5bb6dd20a3a513000773f83f9e43352c0ba6c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=145701
content-encoding
gzip
content-length
8318
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Wed, 28 Dec 2022 17:37:59 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F747
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30788
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 09:42:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 908E
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C3018%2C3017%2C214%2C3016%2C336%2C3014%2C337%2C338%2C70%2C77%2C38%2C2022%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b48dc7e6e7aa55e0605a89d5bb6dd20a3a513000773f83f9e43352c0ba6c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=145701
content-encoding
gzip
content-length
8318
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Wed, 28 Dec 2022 17:37:59 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CE37
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30788
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 09:42:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=b0sOn__IQutdhZBh07CnH4rHJoU&user_group=1&ssp=themediagrid
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=188&user_id=b0sOn__IQutdhZBh07CnH4rHJoU&user_group=1&ssp=themediagrid
Protocol
H2
Server
3.126.18.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-18-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=188&user_id=b0sOn__IQutdhZBh07CnH4rHJoU&user_group=1&ssp=themediagrid
Date
Tue, 27 Dec 2022 01:09:39 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 9BA1
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb5eaee534603a65897417e25029bcf8110a5ff3005d6254bf27d42f78f343e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2022 20:47:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70668
Connection
keep-alive
Content-Length
10067
Expires
Tue, 27 Dec 2022 20:47:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0496
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.com&bust=31071250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 01:09:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7029
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:49:25 GMT
expires
Tue, 26 Dec 2023 22:49:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4527
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2ad4bf65c73b172bcda29e81a90e3b726955b26b1736e4961ecb58192a28f782
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aZtoni88eg2oc6A0hyoknA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-aZtoni88eg2oc6A0hyoknA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 01:09:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F7A0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:49:25 GMT
expires
Tue, 26 Dec 2023 22:49:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0055
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e776741095961e2203d6dcd3404a52f7c721599486a6729f417057cf54bd458
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oFSfsrBIUIYaiyJA7Fq2hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-oFSfsrBIUIYaiyJA7Fq2hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 01:09:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
async_usersync
ib.adnxs.com/ Frame 0BC8
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:38 GMT
AN-X-Request-Uuid
fa468643-b53f-4b27-957e-15b02d4f19f0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1ACA
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:39 GMT
AN-X-Request-Uuid
23217706-86be-4099-aac9-14350a493b40
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 582F
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:39 GMT
AN-X-Request-Uuid
b9ab25c1-ea6a-47d0-b97f-35de99399585
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E374
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:39 GMT
AN-X-Request-Uuid
fa2add5e-b241-492c-aeee-4a2c3fd9b878
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0B00
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84348259&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
2df07c1005c503514db50049f19a48031361c0b321785ef8e6a038176948617b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0363
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Dec 2022 22:49:25 GMT
expires
Tue, 26 Dec 2023 22:49:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BB2D
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
db22cfba820acd97d6545efe1e00a77ea77a901c4a91ad488d3819da3e93022d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VZNPlKVJJTmlCYnhHRZ7kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-VZNPlKVJJTmlCYnhHRZ7kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:39 GMT
expires
Tue, 27 Dec 2022 01:09:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 4527
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1027461828469942&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 0055
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=814582641199474&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 7029
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 23:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Dec 2023 23:24:06 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4BCA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb&gdpr=0&gdpr_consent=
42 B
326 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 27 Dec 2022 01:09:39 GMT
Expires
Tue, 27 Dec 2022 01:09:38 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master zrh-pixel-x27 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame F983
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8566938860017115433
42 B
274 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8566938860017115433
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8566938860017115433
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1DCC
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 01:09:38 GMT
expires
Tue, 27 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
618691
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 31F4
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A9BCB108-9449-454D-B335-D4070369B19E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 27 Dec 2022 01:09:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KT0RN9BRMEWK9PKDG0JB
Pug
simage2.pubmatic.com/AdServer/ Frame 6E16
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3753192772487348625&gdpr=0&gdpr_consent=
42 B
237 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3753192772487348625&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
0d177da0-24a1-4589-b973-48e98ffdff8b
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Dec 2022 01:09:39 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3753192772487348625&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 41B7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId
42 B
420 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 27 Dec 2022 01:09:39 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 50B9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181629324047874194&gdpr=0&gdpr_consent=
42 B
243 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181629324047874194&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 27 Dec 2022 01:09:39 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181629324047874194&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame B14E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7by6K9XLTiJzJjvWci2aQYrHJoU
42 B
299 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7by6K9XLTiJzJjvWci2aQYrHJoU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Dec 2022 01:09:39 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7by6K9XLTiJzJjvWci2aQYrHJoU
Pug
image2.pubmatic.com/AdServer/ Frame E8EF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFMNG5FN0hWSXdBQUI4WmlqQ3o4QQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAL4nE7HVIwAAB8ZijCz8A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAL4nE7HVIwAAB8ZijCz8A&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL4nE7HVIwAAB8ZijCz8A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2874718450242626855&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAL4nE7HVIwAAB8ZijCz8A&gdpr=0&gdpr_consent=
42 B
200 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAL4nE7HVIwAAB8ZijCz8A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 27 Dec 2022 01:09:39 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAL4nE7HVIwAAB8ZijCz8A&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F070
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6pF0gAGgYicXwAe&gdpr=0&gdpr_consent=
1 B
219 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6pF0gAGgYicXwAe&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 27 Dec 2022 01:09:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6pF0gAGgYicXwAe&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220031-HHN
x-timer
S1672103379.157217,VS0,VE0
i.match
s.tribalfusion.com/z/ Frame FE7F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77fe2c090f2a9136-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77fe2c07fe139136-FRA
content-type
text/html
date
Tue, 27 Dec 2022 01:09:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
106
Pug
simage2.pubmatic.com/AdServer/ Frame 3F28
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 01:09:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 27 Dec 2022 01:09:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 3BE2
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 27 Dec 2022 01:09:39 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-899a07a97463@version_1.531
X-core-time
0ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame 7744
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1672103379212
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1712290130
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1712290130
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 27 Dec 2022 01:09:39 GMT
etag
RX8a21e4c230544a20bc04787d9fa1811a003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1712290130
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pub
matching.truffle.bid/sync/ Frame 70FF
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 27 Dec 2022 01:09:39 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 3285
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 27 Dec 2022 01:09:39 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
Pug
image2.pubmatic.com/AdServer/ Frame 8B19
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=ef4efd864387b00aac9b8e465cd3983d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSQQMTQaQnQjgMaY
42 B
201 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSQQMTQaQnQjgMaY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSQQMTQaQnQjgMaY
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0B00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qbyxCJRJRU2zNdQHA2mxng%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=30787
accept-ranges
bytes
content-length
5554
expires
Tue, 27 Dec 2022 09:42:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0B00
95 B
193 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=A9BCB108-9449-454D-B335-D4070369B19E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77fe2c07cdd69000-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 0B00
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.69
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 0B00
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A9BCB108-9449-454D-B335-D4070369B19E
0
16 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A9BCB108-9449-454D-B335-D4070369B19E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
via
1.1 google
last-modified
Tue, 27 Dec 2022 01:09:39 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A9BCB108-9449-454D-B335-D4070369B19E
date
Tue, 27 Dec 2022 01:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTlCQ0IxMDgtOTQ0OS00NTRELUIzMzUtRDQwNzAzNjlCMTlF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBSBUZRt66JV1Khkdpes0Nw&google_cver=1
42 B
377 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBSBUZRt66JV1Khkdpes0Nw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBSBUZRt66JV1Khkdpes0Nw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0B00
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Dec 2022 01:09:39 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0B00
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4944545381506514044
42 B
219 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4944545381506514044
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4944545381506514044
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
A9BCB108-9449-454D-B335-D4070369B19E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0B00
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A9BCB108-9449-454D-B335-D4070369B19E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:3fa2:8fc7:943c:2dee Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A9BCB108-9449-454D-B335-D4070369B19E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f7dj.yVE2uXBRKd_HMvewF8FCJD99lg-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f7dj.yVE2uXBRKd_HMvewF8FCJD99lg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f7dj.yVE2uXBRKd_HMvewF8FCJD99lg-~A&gdpr=0&gdpr_consent=
date
Tue, 27 Dec 2022 01:09:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=3cc3d1c5-db0a-4568-b938-bd825b91342b&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cd1da563-5f45-4d79-a662-88b9eb72e77d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
245 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cd1da563-5f45-4d79-a662-88b9eb72e77d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 01:09:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cd1da563-5f45-4d79-a662-88b9eb72e77d&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 27 Dec 2022 01:09:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 0B00
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b4c76bb5-6e2e-419e-bdbf-a2d575f04cbf-63aa45d3-5858&gdpr=0&gdpr_consent=
42 B
310 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b4c76bb5-6e2e-419e-bdbf-a2d575f04cbf-63aa45d3-5858&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b4c76bb5-6e2e-419e-bdbf-a2d575f04cbf-63aa45d3-5858&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:38a17983-4d19-43ad-a1ed-a3797ce5b4fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:38a17983-4d19-43ad-a1ed-a3797ce5b4fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:38a17983-4d19-43ad-a1ed-a3797ce5b4fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 27 Dec 2022 01:09:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3185414693727396622&gdpr=0&gdpr_consent=&us_privacy=
1 B
406 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3185414693727396622&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 01:09:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3185414693727396622&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0B00
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3753192772487348625
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3753192772487348625
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 27 Dec 2022 01:09:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eecfded0-121b-4ce8-a7da-ac018f06bb91
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3753192772487348625
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame F7A0
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 23:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Dec 2023 23:24:06 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 0363
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 23:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Dec 2023 23:24:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BB2D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=513558606028828&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ptrack
a.audrte.com/ Frame 93EC
368 B
898 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=138.199.38.133&p=M1353665098&artime=2022-12-27T01:09:39.352Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGcHJlYmlkc2VydmVyLnBpeGZ1dHVyZS5jb20lMkZzZXR1aWQlM0ZiaWRkZXIlM0RlcGxhbm5pbmclMjZnZHByJTNEJTI2Z2Rwcl9jb25zZW50JTNEJTI2ZiUzRGIlMjZ1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=c2VjdXJpdHlhZmZhaXJzLmNvbS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
477682cd82a5ec977e5bf9156bb07a48f6374a1b074a98c76ab7cbcb6ac8651f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:39 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 93EC
155 B
643 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Dec 2022 18:10:12 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
25168
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 21 Dec 2022 18:00:16 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
A317gyG6zqUP-rOJ5gkDKphburX-pXHglJJ0CH-h-nQnTkV5MtKihQ==
data
bcp.crwdcntrl.net/6/ Frame 93EC
60 B
337 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b491b900e6602635590201c6944ee32f6f04165a137fdf00ebe91d36b3297b73

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.18.17
access-control-allow-credentials
true
content-length
60
expires
0
generate_204
tpc.googlesyndication.com/ Frame 7029
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?g3fLhQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame F7A0
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?bJxamQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0363
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?PyH9qg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
ps.eyeota.net/ Frame 93EC
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=0li99wEkjaZR02dye56YYX4pA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:39 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 93EC
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4944545381506514044
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 27 Dec 2022 01:09:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 93EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0li99wEkjaZR02dye56YYX4pA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0li99wEkjaZR02dye56YYX4pA&gdpr=0&gdpr_consent=&google_gid=CAESEKYzpqAdsurGRHNmNVwRWxk&google_cver=1
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 27 Dec 2022 01:09:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FD0C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6iz8VdvrZmoqqh5KNkdJQmS2HehN3U62LypYOKDY98AmHWDQ9sQOwUM_GtltxYrFTUxjxW8Xr2zIw8dNheSxncYSsSrY7PFn2D4AGonNuhf-o-Hn_RW2rI4OblKUa0P-sqNWHEA&sai=AMfl-YSMKYK9Q7nxZRkp853SpJzZYj6RtTpj5dBPft1QIrJCNH-gLtjjVAilWmFaYPG1JmYIY3y12LCf32hsAAs&sig=Cg0ArKJSzGASYVojMyo3EAE&cid=CAQSGwDq26N9C1zRZ1b8PCT9UoiFtKAnr-Dz-rEHVRgBIBM&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2470624294&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672103378086&rpt=477&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0BC8
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:39 GMT
AN-X-Request-Uuid
15c60a66-8759-4d4d-8bdf-0761509fbf8d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1ACA
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:40 GMT
AN-X-Request-Uuid
7626c8c8-9665-4d15-8f81-4355c6344694
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 76D1
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1027461828469942&bg=!WlmlWR3NAAYgquz3AKo7ACkAdvg8WrMnH_o9W_tmlqQlS3PSwxRkzmdi95Y6hqqvOWJczpY_pY58rAIAAAEZUgAAAAVoAQeZAxD6FGyc26QjLFU89YLn-d5q1RLN8EdBRLX-W9CoYGLi-9vvcsyvWeUN9OsjwVPuvLdZQZevgLmP5pGhgIu1SBFn2jlfH8GQ1AxBEVinLdk8eXnBuGX4ZNaj3LuG7M5B65rf4SzqpP7mgaEMdRSE6uLXuy1ovVWK6acnn6p5jhdFWnNFYE1FzYBOhl_te5s6EdMPFoJcoemUDPu6iMpekMLkNSsQCeoS8dj_jEPIWWUD0Jza3UmQuSXmTBSw--RKZ1jdFkky5arXVcVNEtWrZCZ-9x615cwi6rSAMgzRp-VxR5t_5VZ38z_oRVNySDREgW9ebgNHTJG28Z327SnPuExjknYdAZMT_GPFO8Et8IXFZ9OD0HyUij3CUJ8UplzMmZLKD5VWcd7wCTB7BfkVxM2B7zMZk_hSSwwKGGoyTQ_YxnAU8hHhTJTLHk3Rh6dCwE-P0HiYNYUBykjilQBi6xgmzoDJG956URYEvYlanICx4UgTE4smYrvf5N7BtaWei2vt6eTT1J7RGnOgvhLdMj_g43jOv4ZEJoBw8U0KRMA_ErtqSIbLUQSo1a0AHMsxWdIwOcuhzWZAW2nfiL65rYZ4M5AxQCDBxA9heIREyXvycwRw6A3cY0FMyJ3bC8CfntsOIfMAx_iMJ8dVViQdlexDmO6RUXxpcHyhe2lvMrQ8q1ECSyA5oAWoojIds68Xjrr70HuiOHfHd1bfkjUV2BqUyX8XtS_4BClIZ2AaYKxPofefx0gEh8gtl62AnTXOs2A_MFnNtatQnXJQ-nR1KNpUw9u8MisV6-6-BFEO5r76t8tDMaywbLun0AwokgqDAMHos7lJeLoIOJ5Ezt8g67VxGBESAJ2Ckla6mKYXppLmKWG1KgIqI5sNw64de-YSZAJn9D4oIhrMprLpu7afB72cvV_c7YFRFmZeKgG02zErcflOhTCgicBRTExTkeSQ_DMBMqlBJyajJUWmhqqOPSHcsHEQBLZV_ZHmMQZPsEjNWT87qM2FCqM-f7xc5WunvNEfg9pyKDn6n2EnWWBIHiv0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 781D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=814582641199474&bg=!1tWl1ZHNAAYgquz3AKo7ACkAdvg8Ws_pIK4B4oVJejpx55701Q9qi3Kuh4HvoDlZhbebxByr6vRSuAIAAAEPUgAAAANoAQeZAvp9WNzhLpSWnBpp5UYLAHDotwm_DzunnUD2-OMA3WcMROfCGA6ll2WmEiNcM4oDTY9jqW4IOiWGPkQrNZ3x7ROkVXwrxyI7c5VQQDqMcfEIeJw3kDpmUuUUGYUvTJTvtTlzl7DgM17-VhXa07yZoLEAofOvBFzdM4CpjdRUx49IxnpFVDFCGB2iwU4pwpYlgagtde-atWj_W3epOEc7wf5N-mEMBAGIJKyKN1ZoTU41GQywwUtr4K_eBU75VfUdKqvmlqVZbYf9-D41fSU52fL7Rm3tP1ayTOaXFETy0HwSue_Da2yNMhwzhqzZQVOFFHGwXZyY8aJ751iMHaztqJ-kPGOJ7ItoeMVyrRcoQoCXD-BTJ5cZuISSh3wf3eFqVDBNLfIVR6pNTtZVFhih_8RUx7yjKJkuOyszCYAnup6IucS_DDLhSJCrS8TuNRRbJA_zIwOIkV0OTtpckve273qvUWS0M2dzRxgcAB-0UecPjot7Qtg441E734zDWV0zFZu-ZAcXyT1CJwesDecQJgk0Gj5y9WZf40J-7W-s5OMnXwO5y1cHaKX2oh4hRL1ryOwa9qXc1h7lxFb9M5pR0o6IBx6DRzOIbcxXvsQz_MO6b--wxu7lzVfiqyA9FEqIG0PIcLX-TrwYKBjFQL3-t97jjhkoHYI-83g9joRDQrFpiJhuV5aqtSR3UA66Un2HS648wvBKU567W5na_qESElVPmH4Kvz3kC_NAjP3wl3RJCvCcwGsg8aQIhtORvTVtHJnPMJPCWt9UVU9b5KbKzScAO4_QRda4v1MaoqJTxrEpl203_Pd-d8vLL59ua663XoltWTTy22gzDx1HYsVVpzOJwNpUrkXCAnMBi7HvAvL3AjjIjEwQQLqqIE3Dy6EbPRRpa63e53z9vB-7mypTBtJ0lVEqoltEPKHVzw90wyM2G1qCXp6xTgu_rkxmd1fG4-1_8Q8tjXXkj7KTu4p5vJzJxmsKfC68c-7TqFghI7Or7bvDAtWbApfyz_U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 0496
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=513558606028828&bg=!y8ilyIzNAAYgquz3AKo7ACkAdvg8Wn5pb67Venq5HzfMgGWquthbrl-gSxEZbbKLRAa1okeSUUQbQQIAAAC7UgAAAANoAQcKAFa0Tk6aAT2zt13rZyvbNcPmqy1rHS-NIfhV9yeXt6yLUVWFmPVVZFOTJQl7hVdpac_OPFhOmush_Dtu-WB15vj2Lh4SH913D3ru6_2h8du5Ou_LDYa7wZkDAubsrSh_ZQ4x3wql3WTJqCYCNrJDGcBfSYsGjLvIeXGnO9UJOsmYBhkrj5KM6FDQ85RRwWzHvNrzRx6AJgz2gMYtJ-aChoimYwUIeksk_Zt_BwQAqaHge44UcDMax7uPOp8xbqNUYF0a6mLDb0Niwm1bCVlb68T69Q95Wyc9Iju2fAelTJ6BFu42z6aUpRiOzL59pDNkRk0RJadC-nm0r6h-aVYLsOqXB3SonJNkJgpfdbdnM7HSp3D3LLbrm-RhSzuoJ8IPnwac_jwUBywkMZ1ttauqA_uA1o5AHQWoBNhmlPailPf-NE3neVJHdfHVLFlBFPnF0kbVKqGftPXhp4gZIYbL-whE-woAblfPAMJJWw9w1RTV_eGac4YdiDHCgexTg_Ktazq0BxoOgYAKyUM0rFrce79FqNM0x7OrPRmvtCaprUAUepSufDEqv3h8aV8YDkDtQ7WZw_J1_LmaozZSng9poILf4PCic6-kKPOtESCD6n7o6pVy7anlDYpkfxXGMXna8owocV1ShMIxmKK6EfOMJKvATPgFl0PxDg_-LAeVjvZb0LUa6lv7gzp5x4-w-HPLgAc55NzhHS-U3aFYLrLlxDrLtPFWKDNLcdxKJi0e78UVT3xIyfUw5oO74DD1HuZ9JyZLUDUPBtUlEkqxsEb6EReJZuKoLsZjlA_hi3DN4_yffgqsxDYURwx0njNX3imrbVitXBq9vM_KuEWTXZCvmOPVEMh3ZY_KPm88OwyiPR4jX-X2S_yzGM83cwW2ybTaVq0QCE35SZ3FyAL-jSaYhHL0qJ1RwqLycgE58OkdtEmEMM60ffRM1CDakfIKqwGiqMenmtcTuNBZwLLz2moygZvOubJj1zPU1r8qVZWxOKREaWXmYOp7pv0vIqfdHQaq6aZ3ABdbmbrSzTfS7uwmey9aSwv1FjI54gYYOfv7EaMjhmat8dIty4qYHDz9jkrS9L5ZVKT7JWrgzrWjxVsComFSF9R1lO2fE052Vgn3VIxWHHQWNDn2jp7lqZPJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

async_usersync
ib.adnxs.com/ Frame 582F
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:40 GMT
AN-X-Request-Uuid
496fd6f0-b867-4fdc-835b-5ca6fb1ab8be
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E374
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 01:09:40 GMT
AN-X-Request-Uuid
5772cca6-2b62-4bc2-b8a6-a96ea168dffc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0B00
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:09:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 30BE
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49396850&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
b09e11efb02422c5471cbae6fa028dad2ee0ff557b37b704fe863613a0f7bde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 Dec 2022 01:09:41 GMT
content-length
1148
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame F747
1 KB
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69867535&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
b09e11efb02422c5471cbae6fa028dad2ee0ff557b37b704fe863613a0f7bde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 Dec 2022 01:09:42 GMT
content-length
1148
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame CE37
1 KB
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32308085&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
b09e11efb02422c5471cbae6fa028dad2ee0ff557b37b704fe863613a0f7bde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 Dec 2022 01:09:42 GMT
content-length
1148
content-type
text/html; charset=UTF-8
cm
ipac.ctnsnet.com/int/ Frame A235
43 B
369 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 27 Dec 2022 01:09:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame C2B6
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zb197473kau
42 B
289 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zb197473kau
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 27 Dec 2022 01:09:42 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zb197473kau
lws
35
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame CA42
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 01:09:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 27 Dec 2022 01:09:42 GMT
expires
Mon, 26 Dec 2022 01:09:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
p
a.audrte.com/ Frame 30BE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A9BCB108-9449-454D-B335-D4070369B19E
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 27 Dec 2022 01:09:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 30BE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:47 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:47 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 30BE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Dec 2022 01:09:42 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame 30BE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 01:09:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
p
a.audrte.com/ Frame F747
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A9BCB108-9449-454D-B335-D4070369B19E
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 27 Dec 2022 01:09:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame F747
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:47 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:47 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame F747
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Dec 2022 01:09:42 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/ Frame F747
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Protocol
H2
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.8
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
cm
ipac.ctnsnet.com/int/ Frame AD53
43 B
203 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 27 Dec 2022 01:09:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 823F
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kiqhm630j3ol
42 B
289 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kiqhm630j3ol
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 27 Dec 2022 01:09:42 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kiqhm630j3ol
lws
224
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2604
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 01:09:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 27 Dec 2022 01:09:42 GMT
expires
Mon, 26 Dec 2022 01:09:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
p
a.audrte.com/ Frame CE37
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A9BCB108-9449-454D-B335-D4070369B19E
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-191-77.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 01:09:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 27 Dec 2022 01:09:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame CE37
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:47 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:47 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A9BCB108-9449-454D-B335-D4070369B19E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame CE37
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Dec 2022 01:09:42 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A9BCB108-9449-454D-B335-D4070369B19E&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/ Frame CE37
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Protocol
H2
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 01:09:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.9
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
cm
ipac.ctnsnet.com/int/ Frame 9DA7
43 B
203 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 27 Dec 2022 01:09:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 3DB4
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wklurrrn59c
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wklurrrn59c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Dec 2022 01:09:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 27 Dec 2022 01:09:43 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1wklurrrn59c
lws
124
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9C06
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 01:09:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 27 Dec 2022 01:09:42 GMT
expires
Mon, 26 Dec 2022 01:09:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FED4E38E6C46471CB9F25F3A275BC2DB&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securityaffairs.com
URL
http://securityaffairs.com/wp-includes/js/twemoji.js?ver=7f328e8ac89ab883d5ef4a32c2877c9d
Domain
securityaffairs.com
URL
http://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=7f328e8ac89ab883d5ef4a32c2877c9d
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2194730263&i4=138.199.38.133&r=https%3A%2F%2Fsecurityaffairs.com%2F&r=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| oncontentvisibilityautostatechange object| _wpemojiSettings undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| mnetCustomerData function| injectMnetScript object| _mNHandle string| medianet_versionId object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing function| gtag object| dataLayer object| click_object object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| _stq function| st_go function| linktracker_init object| wpcom object| _mN function| logFailoverPing string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| headerBidParamObject object| attrData string| pxft_clear_cache_flag undefined| pxft_first_init_activated undefined| attrDataArray object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture object| ID5EspConfig boolean| isPending string| prebid_file function| findCMP_PixFuture object| pbjs_pixChunk object| pbjs_pix object| _pbjsGlobals object| mnet boolean| _pxft_iel_init boolean| pxft_first_init_iel_activated object| __connect object| googletag object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients

130 Cookies

Domain/Path Name / Value
securityaffairs.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.com/ Name: _ga_8ZWTX5HC4Z
Value: GS1.1.1672103376.1.0.1672103376.0.0.0
.securityaffairs.com/ Name: _ga_P62M3QN974
Value: GS1.1.1672103376.1.0.1672103376.0.0.0
.securityaffairs.com/ Name: _ga
Value: GA1.2.2044728748.1672103377
.securityaffairs.com/ Name: _gid
Value: GA1.2.448759477.1672103377
.securityaffairs.com/ Name: _gat_gtag_UA_59069958_1
Value: 1
.agkn.com/ Name: ab
Value: 0001%3AzCl6mA9Kq5FL%2B50nyzKoLr2SzbW5T4tI
securityaffairs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.securityaffairs.com/ Name: _pubcid
Value: 782acc94-2fc3-4314-bd62-ae66116feb94
securityaffairs.com/ Name: _lr_retry_request
Value: true
securityaffairs.com/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: uuid2
Value: 3753192772487348625
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GTzvTDM`!]tbP6j2F-XstGt!@DHU$_>](
securityaffairs.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-27T01%3A09%3A37%22%7D
.securityaffairs.com/ Name: cto_bundle
Value: rWXPB195Q0hvOXlHVVVMN3AlMkJWVnlmRDl1aFJObHJJUVRrR3p6SEFmUWFiT2V0bHJpcjFZdmVvTHEzcUE4VlJoWXFlZUNLR3VUalUydVZxbXc1Z3BBJTJCRFVXb0h3dGpRcURCcFRnSndoNTVOWndpa1lWV3psVzV5WHlhaG9oampaSm91SEo
.securityaffairs.com/ Name: cto_bidid
Value: U3D0OF9xRiUyQmZIeGhCemltd2FZdmN4UDRLJTJGMjZPRmUxSmJtTUZrcExGRVkyNlVpVjRCb2YwUEtRVjlyZG1GdDZrJTJGUnBWMnRGUDBsYXQyRWl2ZThNZmdxZU1IQSUzRCUzRA
.rubiconproject.com/ Name: khaos
Value: LC5J6FCK-1N-1XVN
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr0sGB31T/ajnjc0/aJelRdbjRFtGIHH0vR1fqA5ZiZqneO3b/m6CozzYmEmZ/QEGXIxIvkAgQ2rTOZUHL6E73cMj20TaXysiPQD5U7tEfUTQ==
.bidswitch.net/ Name: tuuid
Value: cd1da563-5f45-4d79-a662-88b9eb72e77d
.bidswitch.net/ Name: c
Value: 1672103377
.bidswitch.net/ Name: tuuid_lu
Value: 1672103377
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s85181|Y6pF1
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: APOm957h9Xhm-kRu
.zeotap.com/ Name: zc
Value: 61637e58-9d4a-4515-660f-55dd698f0260
.zeotap.com/ Name: zsc
Value: %CC%7B%C7%FAj%C3%3A%D0%D9%D0A%19ck%AA%AF5%FE%B9q.%0B%94O%3A%A4LC%09h%9F%B0Q%15%22%F0E%5E%F2%A7%A0%C5%A4Q%01%D05%C1r%7D%5Cu%40%93%CE%91%99%C4%A2%23%AFw%8F%C9im%AE%C2e%CF+%1B%7B%DC%C7%DD%ED%3D%ACy%C8%28%3C%D9%3B8e%B2%016F%40E%C9%11%CDM%DE%AF%01c%D6%E1y%B1z%FE%24%12%03%D3Zlx%148%FB%F0aHS%BD%91%8E%DAQ%29%BB%03%C6%D2%D5%89%7D%C9%DC%7F%EA-d%CCH%D5%AA%0BFX%90%CE%9Ar%8A%D5%F0%08%2B%2A%CB%09%D4%D7%3B%BF%8AMD4%9E%87%1F%19
.casalemedia.com/ Name: CMID
Value: Y6pF0hYELjUEWCLEfBNwuwAA
.casalemedia.com/ Name: CMPS
Value: 5167
.casalemedia.com/ Name: CMPRO
Value: 5167
.securityaffairs.com/ Name: __gads
Value: ID=b961e2f592438267-226b41746bda006a:T=1672103378:RT=1672103378:S=ALNI_Mbnjwl-HTZpdK7zfT_1otNrCvT9JA
.securityaffairs.com/ Name: __gpi
Value: UID=00000b9906dd7a39:T=1672103378:RT=1672103378:S=ALNI_MbzOTqZNz3Wf08fjYnBevMRUVq3YQ
.tapad.com/ Name: TapAd_TS
Value: 1672103378269
.tapad.com/ Name: TapAd_DID
Value: 1547b942-12bc-47cf-a47b-20940e7892c9
.doubleclick.net/ Name: IDE
Value: AHWqTUnnTY4AWSSK5CpxvZ7XByELpwbo8ewbvikUflgIWGKe-tl-bZXNtakuZ_wc_OM
.turn.com/ Name: uid
Value: 3185414693727396622
.adfarm1.adition.com/ Name: UserID1
Value: 7181629324047874194
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.weborama.fr/ Name: AFFICHE_W
Value: fwpR@3irHDJ-95
.tidaltv.com/ Name: tidal_ttid
Value: 514039a0-0c78-461d-9329-508d04ef129f
.company-target.com/ Name: tuuid
Value: 663f8539-6f73-4305-932e-cd7305dd9318
.company-target.com/ Name: tuuid_lu
Value: 1672103378
.casalemedia.com/ Name: CMTS
Value: 5246
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjYxsTK0MAIAigq34wkAAAA="
.krxd.net/ Name: _kuid_
Value: PSCgT_d3
.richaudience.com/ Name: avcid-zeo-uid
Value: 61637e58-9d4a-4515-660f-55dd698f0260
.yahoo.com/ Name: A3
Value: d=AQABBNJFqmMCEGNGxeVIb6nbQHf-n8PvaysFEgEBAQGXq2O0YwAAAAAA_eMAAA&S=AQAAAiNmOMSeNovvbgfZ3rznyk4
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6pF0gAGgYicXwAe
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-f0a6e406-9bca-303c-9c97-780e205c23ac
prebidserver.pixfuture.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQVBPbTk1N2g5WGhtLWtSdSIsImV4cGlyZXMiOiIyMDIzLTAxLTEwVDAxOjA5OjM4LjY5NjQ1NTUzMloifSwiZ3JpZCI6eyJ1aWQiOiJjZDFkYTU2My01ZjQ1LTRkNzktYTY2Mi04OGI5ZWI3MmU3N2QiLCJleHBpcmVzIjoiMjAyMy0wMS0xMFQwMTowOTozNy43NDgzMzczNDlaIn19LCJiZGF5IjoiMjAyMi0xMi0yN1QwMTowOTozNy43NDgzMjMxNTdaIn0=
.fwmrm.net/ Name: _uid
Value: "o1334_7181629324041825198"
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&490b9c37-0208-45b8-878f-3e6475dd7847"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzIxMDMzNzg7MjswMjH9NqjKVdUuzgOn3+aSh5UbFnG5WA6nD4nI8go1bHeIRg==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2895:u=1:x=1:i=1672103378:t=1672189778:v=2:sig=AQHh7FcCjTheIHMksZYndtjwZIv0BRaf"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mathtag.com/ Name: uuid
Value: d76563aa-45d3-4300-a2c2-38241bf5d3fb
.amazon-adsystem.com/ Name: ad-id
Value: AxRnKeVtTUaBh09PRJXryDg
.go.sonobi.com/ Name: HAPLB8S
Value: s85192|Y6pF1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A9BCB108-9449-454D-B335-D4070369B19E
.analytics.yahoo.com/ Name: IDSYNC
Value: "19ah~292p:18z8~292p"
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EJMBCwH0J_ijAA
.quantserve.com/ Name: mc
Value: 63aa45d3-2e189-247a5-61811
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3185414693727396622&KRTB&23150-3185414693727396622
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3753192772487348625&KRTB&23339-3753192772487348625
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y6pF0gAGgYicXwAe&KRTB&22978-Y6pF0gAGgYicXwAe&KRTB&23194-Y6pF0gAGgYicXwAe&KRTB&23209-Y6pF0gAGgYicXwAe
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7181629324047874194&KRTB&23278-7181629324047874194&KRTB&23369-7181629324047874194
.adform.net/ Name: uid
Value: 4944545381506514044
.sitescout.com/ Name: ssi
Value: b4c76bb5-6e2e-419e-bdbf-a2d575f04cbf#1672103379217
ads.playground.xyz/ Name: connect.sid
Value: s%3Ay5Fqw1W-Qoz6FBm9NZX84cuIH-QCfsZI.cTpbCwtRVb%2F1PkMpRBQB8l3WXofCXdFj%2F34qT8fLgeA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8a21e4c2-3054-4a20-bc04-787d9fa1811a-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.simpli.fi/ Name: suid
Value: FED4E38E6C46471CB9F25F3A275BC2DB
.csync.loopme.me/ Name: viewer_token
Value: b80cdf5b-6347-4525-9bab-62fa24b032c7
.adsby.bidtheatre.com/ Name: __kuid
Value: 38a17983-4d19-43ad-a1ed-a3797ce5b4fa.441317379
.de17a.com/ Name: guid
Value: 1.8566938860017115433
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBSBUZRt66JV1Khkdpes0Nw&KRTB&16514-CAESEBSBUZRt66JV1Khkdpes0Nw&KRTB&23025-CAESEBSBUZRt66JV1Khkdpes0Nw&KRTB&23386-CAESEBSBUZRt66JV1Khkdpes0Nw
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId&KRTB&19420-Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId&KRTB&22979-Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId&KRTB&23403-Iy9XaiEpUjg4LlM6LSUbOSErVz44KgczJC3FJaId
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY3MjEwMzM3OTI3MH0
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4944545381506514044&KRTB&23263-4944545381506514044
.onaudience.com/ Name: cookie
Value: b8ddf7d0dedcaf03
.onaudience.com/ Name: done_redirects161
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 26832446083170482581220194843958151084
.demdex.net/ Name: demdex
Value: 26832446083170482581220194843958151084
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8566938860017115433
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-b4c76bb5-6e2e-419e-bdbf-a2d575f04cbf-63aa45d3-5858&KRTB&23418-b4c76bb5-6e2e-419e-bdbf-a2d575f04cbf-63aa45d3-5858&KRTB&23424-b4c76bb5-6e2e-419e-bdbf-a2d575f04cbf-63aa45d3-5858
.bidr.io/ Name: bito
Value: AAL4nE7HVIwAAB8ZijCz8A
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-7by6K9XLTiJzJjvWci2aQYrHJoU&KRTB&23334-7by6K9XLTiJzJjvWci2aQYrHJoU&KRTB&23417-7by6K9XLTiJzJjvWci2aQYrHJoU&KRTB&23426-7by6K9XLTiJzJjvWci2aQYrHJoU
.scoota.co/ Name: tuuid
Value: 3cc3d1c5-db0a-4568-b938-bd825b91342b
.scoota.co/ Name: c
Value: 1672103379
.scoota.co/ Name: tuuid_lu
Value: 1672103379
.audrte.com/ Name: arcki2
Value: 0li99wEkjaZR02dye56YYX4pA!20220908!1672103379407!ip#138.199.38.133
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb&KRTB&16736-uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb&KRTB&23019-uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb&KRTB&23208-uid:d76563aa-45d3-4300-a2c2-38241bf5d3fb
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-woK5xk2lhSQQMTQaQnQjgMaY
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6f4b0e9f-ffc8-42eb-5d85-9061d3b0a71f.CkKeQms1jic5qqUEr2DaU9TsLacpsARq8D0V3MJmNsc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ab0sOn__IQutdhZBh07CnH4rHJoU.ekhYYelTWiglYdHrEYBYJ0xm%2BXGoMsZRM8fQkiKprnU
.eyeota.net/ Name: SERVERID
Value: 17958~DM
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-cd1da563-5f45-4d79-a662-88b9eb72e77d
.tribalfusion.com/ Name: ANON_ID
Value: abnseFxlqLknJVsPUq7wDsAM3FeKZchPYoRZdcZbtSFFO2lbYsh813HAVmKq3gawueXJPvABZdQtpUSeAFDMQkTt
.audrte.com/ Name: arcki2_ddp
Value: CAESEKYzpqAdsurGRHNmNVwRWxk!20220908!1672103379555
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 82d1ba66f3dc2da8
.audrte.com/ Name: arcki2_adform
Value: 4944545381506514044!20220908!1672103379663
.smartadserver.com/ Name: pid
Value: 2874718450242626855
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAL4nE7HVIwAAB8ZijCz8A
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAL4nE7HVIwAAB8ZijCz8A
.pubmatic.com/ Name: SPugT
Value: 1672103380
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158127:4
.pubmatic.com/ Name: DPSync3
Value: 1673308800%3A219_201_227_245_241_235_226_221
.pubmatic.com/ Name: SyncRTB3
Value: 1673308800%3A165_243_56_176_166_8_55_238_88_220_21_161_3_254_7_214_81_54_22_71_233_99_251_204_13_234%7C1672704000%3A15_2_223%7C1677283200%3A69%7C1673395200%3A35%7C1672963200%3A63%7C1674691200%3A203
.ctnsnet.com/ Name: cid_5c0eef21d0bf4c7a9fa347d96eadd626
Value: 1
.ctnsnet.com/ Name: cid_610475bc9e774462928a0c27cc9d3354
Value: 1
.ctnsnet.com/ Name: cid_ac6d92b2ec4d4d30be2848ed75683af7
Value: 1
.fiftyt.com/ Name: cs
Value: MTY3MjEwMzM4MnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fJncsRhRHiFr_KVOqOaFKIstJfx9BI2l15qM7rhSoLiz
.fiftyt.com/ Name: fifid
Value: 08613cff-3881-42b4-595f-8c76a1461b8a
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.audrte.com/ Name: arcki2_pubmatic
Value: A9BCB108-9449-454D-B335-D4070369B19E!20220908!1672103382199
.fiftyt.com/ Name: fppm
Value: 20221227010942
.semasio.net/ Name: SEUNCY
Value: D3FCDE2BF52232E4
.gammaplatform.com/ Name: _aGeoIp
Value: JP|Shizuoka
.gammaplatform.com/ Name: _aUID
Value: 1wklurrrn59c
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1wklurrrn59c&KRTB&23446-1wklurrrn59c
.pubmatic.com/ Name: PugT
Value: 1672103381

16 Console Messages

Source Level URL
Text
security error URL: https://securityaffairs.com/(Line 200)
Message:
Mixed Content: The page at 'https://securityaffairs.com/' was loaded over HTTPS, but requested an insecure script 'http://securityaffairs.com/wp-includes/js/twemoji.js?ver=7f328e8ac89ab883d5ef4a32c2877c9d'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.com/(Line 200)
Message:
Mixed Content: The page at 'https://securityaffairs.com/' was loaded over HTTPS, but requested an insecure script 'http://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=7f328e8ac89ab883d5ef4a32c2877c9d'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://securityaffairs.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://securityaffairs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://securityaffairs.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2194730263&i4=138.199.38.133&r=https%3A%2F%2Fsecurityaffairs.com%2F&r=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress' from origin 'https://securityaffairs.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2194730263&i4=138.199.38.133&r=https%3A%2F%2Fsecurityaffairs.com%2F&r=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://signal-segments.s-onetag.com/desktop/securityaffairs.com/%2F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://signal-segments.s-onetag.com/desktop/securityaffairs.com
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=61637e58-9d4a-4515-660f-55dd698f0260?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=61637e58-9d4a-4515-660f-55dd698f0260&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=61637e58-9d4a-4515-660f-55dd698f0260&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=61637e58-9d4a-4515-660f-55dd698f0260&reqId=3acc5d2c-5048-4ecd-6425-a283ba5a59e1&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A9BCB108-9449-454D-B335-D4070369B19E&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8ddf7d0dedcaf03/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
aud.pubmatic.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
btlr.sharethrough.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.pixfuture.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
i.e-planning.net
i0.wp.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
js.cookieless-data.com
l.sharethis.com
lb.eu-1-id5-sync.com
lg3.media.net
loada.exelator.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pixfuture2-d.openx.net
pr-bh.ybp.yahoo.com
prebid.media.net
prebidserver.pixfuture.com
prg.smartadserver.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
region1.google-analytics.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
securityaffairs.com
served-by.pixfuture.com
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
visitor.fiftyt.com
ws.sharethis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
api.rlcdn.com
fid.agkn.com
pagead2.googlesyndication.com
securityaffairs.com
13.248.245.213
137.184.242.150
141.94.171.214
141.94.171.215
141.94.242.206
141.95.33.111
143.204.89.60
151.1.205.165
151.101.66.49
159.65.196.12
161.35.253.218
162.19.138.118
162.19.80.92
168.119.149.178
172.217.23.98
172.64.154.237
178.250.0.163
178.250.2.146
18.156.0.31
18.193.95.202
18.66.112.32
18.66.15.32
18.66.97.109
185.15.245.83
185.172.90.249
185.172.90.252
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.87
185.80.39.216
185.86.137.114
185.86.137.133
185.89.210.212
185.89.211.116
192.0.76.3
192.0.77.2
195.5.165.20
198.148.27.139
198.47.127.19
198.47.127.20
2.18.235.93
2.18.36.193
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.234.175.175
212.82.100.182
213.155.156.167
213.19.147.44
23.35.228.23
23.35.236.188
23.64.52.128
2600:1f16:e61:3f02:363e:3490:f8eb:b263
2600:9000:2251:9a00:3:c04e:c780:93a1
2602:803:c003:200::21
2606:4700:10::6816:1857
2606:4700:20::681a:644
2606:4700:3031::6815:90b
2606:4700::6810:3865
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:802::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:400d:804::2002
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80e::2003
2a02:2638:1::13
2a02:fa8:8806:16::1400
2a04:4e42:200::300
2a05:d018:24:b002:d133:9dc2:a783:2cd2
2a05:d018:d29:3601:3fa2:8fc7:943c:2dee
3.120.61.137
3.122.214.165
3.126.18.125
3.248.100.224
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.149.20.76
34.207.40.113
34.248.136.204
34.252.235.208
34.96.71.22
34.98.64.218
34.98.67.61
35.158.254.41
35.186.193.173
35.201.96.126
35.204.158.49
35.214.223.115
35.227.248.159
37.157.4.25
5.161.54.172
51.15.145.116
51.89.9.252
52.0.191.77
52.212.224.242
52.220.229.2
52.222.214.123
52.223.40.198
52.28.203.152
52.29.128.124
52.3.162.137
52.30.109.223
52.46.143.56
52.95.122.74
54.72.55.142
54.78.254.47
54.81.22.167
63.251.232.170
67.202.105.22
69.166.1.12
69.166.1.15
69.173.144.138
69.173.144.139
69.192.160.219
72.251.249.13
77.243.60.138
85.114.159.118
92.123.37.164
96.16.141.156
98.98.134.241
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
09b77f9622e7838938c81f834552aa299d4a9839e70fd05b378cdbbe69e06956
0a1cf5989641a0bd9b44a47a84dca378f456cf394a9eaab9a78b9bfc6b38171b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc6695dc2812b6bddaff0557f64cb8ba34915ffc31415d3188d5cc71d5d9ffe
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0c7e415acbb8a3fe3d15def18e3063ad4b47bfa84600a5549b99f86a231032df
0e1b9eb987618d75c5395ef6e3b8fbcf5a761916136ec2ec14d46eda2af7d645
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1219f47acf3eb1ca4e3a7e70fcb621f9efd58e306463dcee644ddfd3cbf7049f
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19d185128f5f3137d085ed61824c45d928ff2cfedb00ca02034c1ad6f08cc307
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1d6693b7186c190fb6f7b0f65ae79fd4fe3cc66281a3c322e1317b6860175e95
1ee43b9f0b9d04dbb343045c231271c35c917319b8d0ac01ec9c0b5cfc8f24e6
1f403ff96b227d172893ae79a59cc74884b58a254f7d9e73b7ffc2cfec21365d
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
22dc7c8c81b9f9f71547187665865406a2b782c54b0bc43d26f3a823987abd32
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
24d269e3a7fb59704f63823b9ddca4d58e09913f76c51602e33ee5f5fd4d43ce
25a885bb897c6c42f7d0fc0aeb5b92844f0fa26653645061b43ec05d9d835e79
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
2a8478b0780df34dba12773d505b43ef2191c796bb5e55f5f2d6dfc33f81a644
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad4bf65c73b172bcda29e81a90e3b726955b26b1736e4961ecb58192a28f782
2bab16870fb5356a2b613e5fafe02dba0a9faf022384e16fc44715a8aa130308
2c609ac35700d2a28782fed2856910816281bf5157449e7b10c3b950643a4f38
2d6a67b9961421818946cfc5130d4d1a52197f5d3576f580c3664509114ba665
2df07c1005c503514db50049f19a48031361c0b321785ef8e6a038176948617b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f37e30ada318e0830aec69a1255d39c8b9fa795eed6d3e1f1cf60645871ef66
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
307eddac06e7be340e3c1664d6e731163741a7c2b8d5e39e6aba450b9ece1fb4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31905ac0366264e9e5a7f471adc70c8cefad4ce8bd4f321cf2d10888b2faa9d5
346d95c8828100faeab4b18adaf0123c6ca7589c09f1d05c0a36e94ee2c84692
352fe5c75144450662c5485e7a62bc544009db6cee45689090822e5c44ae1790
368b78c4589f777d846d5bb40672d37711ca6e781fb5e354ad4dddf04946806b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d
3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0
3a5c7ca5e9395cc7e4498131dc18c0800edb18882b790c3c074e4a50e24149f7
3b48dc7e6e7aa55e0605a89d5bb6dd20a3a513000773f83f9e43352c0ba6c5d5
3cf54a517d5ae314b27a528a239d35efacb05286720b9c24b39ac7bb2ef2256a
3cff268b0f86f85448569261461a662e62ef134db6012df7010dfabcf5ad3d2e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de2289989a1368b7a0e843344e5d9d401b309357d1e0de899c3b1d14cff70e2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe05c0b2206d60309ed581b6497048b23e4f62c1b03cbc9d4d2deed7ceaf7a8
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
428648d74a0dac400cb884a14f167430e62d2b45d1f7c46a6a24706bdff2765f
42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
477682cd82a5ec977e5bf9156bb07a48f6374a1b074a98c76ab7cbcb6ac8651f
489d3f86c7501555f04d2c93bc927ee70558938a4f6bba81a0a8675d3e6beba0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e776741095961e2203d6dcd3404a52f7c721599486a6729f417057cf54bd458
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
50c37722665c0670fba131d376b8817a758deb29747ec5ab6223252cdba32aaf
50dbc0ac0b082f35ffb5c174090e6ae253f43f82d491a862f55a4e2f4a73728e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563fd70c2f98ba30da5563f89eb586ceea7ce17483adc043b29d5578e59cc430
568216c1a962852e47fe4daef7ae42a0a46529df67bed8afd68d58f836f93436
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60ba03ebcae42ba19a333924a27b0667451f2a67911018b6c1db6bf4caa69b19
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c76ce36e998a627ba74107d434b4678ebc1d2828be4fe8dff39d8e87b52d34
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b
67596f497ba9670488a07493b079a6c8d32fb1714209db992e1e32a99c4dffe5
67ad1b654bc547dcdd6796a5f0a2d5b51cb1536f9b8a512746656d5d14670f4b
6870ed2fb04fa82527303e6207db1d97d05dc0f77c1b70c142653cb89894e435
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
757917c99570dc3d772cd2dc9b04fa48e1ac15deab8566766e0ff027ece7828d
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
7d681073adc093b62da9956b286140ad5c20706ca32917b5860b1b0da930ab0d
7f13fad6fb28d7b981e0e44036de03360ef1d665d13e4a25dc4e8d6c66c15f9b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
874072fff133aab13c56d84b6d8e48d025295c234af0251dd270971ec74482a6
877fa53fbb42d19a3afafb18daf7bd0ad0432770ffbc8890aef478063a9b2dbd
892023286b2e695f67cd85296c61db2b63581a5021d21cbec334b25b9b9a12b3
8a63ee3b92d7482349efb8ad543314071173786873b6d5b0f0902113fd21e8cc
8ac25f06eaea173ab8f41d4fc940ae2b161113d71676f340510372e4d1da487c
8c483c541088928c178ee13e2c392d7a9ef9777cd163d6cf3da23e9f3a54716c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
93c49eb7a1b379a2eaed44b734895c41b2b8d2c2709c4f9630ac7ee719e6dfb7
95c7e66decb9b222c1ea676460eac3379ad9a8b4ae387f6b54a13847b9053648
962ddee0134b50d472f8f59559be59134ae74b7071edd88dc78cf437d9f2a6bf
97d7876ce0d8fa5392fb52224a025a7ca47976efcdbd58290984e043e3433c60
97dd97389f5a4a645f27a44dbce9b7f21cd7a93fe0a4c85715af5f7a38cb41a3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3
99000638b24eb9cb48b3fdf6a83a0cf5ae3455d8c1f7dfcbff20e7e7599e1fa4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9a99fb70fee24aae2df32c9d1cec103b505c168d3f56af0454ef922785dff1de
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
9fcd745d749ae23c93b08e67902b0e7e200c55582089d889836cf17eafdafa79
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07bdbd5ddda69f690b1ef51d085cd235c9c616465b689ca40dd6a828f19593f
a0dc45b07153920d06e669676d8d6a7592971683f1381aefc5c95b83dd62a2bf
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a22ce03d5ba74882887f0a3a0ee01f056de55f918d06af1eec8c681142de9358
a3b45d6f2e875dcaca49a8b9260b634d88c1ad95cd3972a658fe5dde88bad1f2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a536fed03d8e302bf358c6b44fd9067b9cf9af93b107cf0f57c9d6903e8b1af5
a5cdb35680f8c210401c6af7efe597b978735ab2775746334ed14f94896505d2
a6717d94e8427ccb07d9148c94c28e02b13a3f8f21832e6d0f6f815c524699e9
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
b09e11efb02422c5471cbae6fa028dad2ee0ff557b37b704fe863613a0f7bde3
b0d6e71e48de130e4b0a7e54ddaee478df73dce7ace894f8e5525ce85d2fcdfe
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99
b20f902f67506a2aabe23912bcc7283d074316af0a180435c6e095c2a8accfb3
b42ca68bd8f69e1977a6aa617fce074926cfaa7a81fd1c690bafe47c037df05c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b491b900e6602635590201c6944ee32f6f04165a137fdf00ebe91d36b3297b73
b5b87067c47877fd65dfdf6331856ef91144729fdcb78a5b02050463e8b9b212
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9356dfe417eec1612548346667d4edb28ce3e9d5c12b664bc9eaae005edda18
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
bd298437672a1357401c64c034cbee391fcb9e6c5d8d1dd7663f82737b911e02
be854a921acf62d8673ff6c6725a6eddfbace003185c26146424fb5e98a323e8
bf6ad2e8398361361d00b601150f42a2f2acd1741f2c04b97e6e16eefa2e5269
bf835f9b130742e1753bebbb39051d39adb607a509a7f2ce48775242e1336cf1
bf927c4e61681bb6f40d5a1d2be968567eb720a667d6c259db51332884e06d91
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e0faa0bc554b9a86d51ec14488bef748c400cfc8f61e57b3d2e4688f11f983
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c38428407d272954db890b91001b8bac74826ca947893c7303d40b2cc2fc00a7
c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce
c5b7378b6dc524541e093b06e83f0412e06763d04448bdcde3d2a3c9a89c5055
c6f26704b21c23b184d5415936006d9d80c900ff96b8519dd839055d6ea7cfe7
c75f2031ab31cd6ec96f724733201ed1e5e1f13b6fcfab397c81d2dfbb3454b1
ca64026e7801799184072a008584a94e4303606534905e32c6d81f9abac15241
caa7cd282834db10f0f18d146f312255ac4768c702b713744750ae06fc3f2689
cd044a0a490741ba2de8f25925586a39779f7cf0b2b2bb713cff7b68e9105dae
cdb75061d0529c30262ed4d91a9ede7f2240beecc2d57cff6d8786c51e31d7ab
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
cec4b3c731ccda8a6a35e78502f306f06d4260d8d674e70951697fa08239ebd6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8b979a23e3a51f619b4ff5a964c840d0ec6ccce7887fe8432801365f6210f3
cfd1698fe4010e21a5ec948c565d734f8b8062c92f9f4d51f1a7bb5297ee92b9
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d93b2b41f4480c58d5826cb91570ccdbf3bf7d9a9837b40b12e093b7fc9af976
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
db22cfba820acd97d6545efe1e00a77ea77a901c4a91ad488d3819da3e93022d
e0914db75a93e5db7e499797b18ccc093d66c07ad443e9d44babb957c4af4afc
e1b1c54ba41cb13001de23642265da817473b2f3c8c0789eed1bb8d560c42110
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50ba91d544b20f3dbcafd151c46d78e95364921302eca19571946e56911c179
e55bd91330efcd47b081757b7aae0bdb5a1ad9b58872393bf9d5e6a9f6095aed
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67
ed7456fe60284e3f50f6e299421d0c682133dd385f57d6cf94eaafe45ea11c67
ed77a1728ca74290e131f1036ab8e5742c2397219a6d82a21544d4bddb87286a
eea0b6a5c8fdacdbdf857bdd2e23134c7d4609d24f786f076551790e8b157e14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f10fb414f3be567ed6b98259b9639806a54a13fb106dd1194949c499cfcdba0f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3e547dd68cdf81e0eee07f2cd672da320942336f3db781d19c134220125ab6f
f41e3e3da3bf9172a9560d07cabfd99f03a22b8a412ea4efa2e93fb22cdcaad8
f4931fd81605d5a439338d7579d8a48ea5ea91f31bb2bde2ebcda6f1a917234e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439
f8e64cba4fce583bfd1da3633f33a5028791ad8ca5ed8202f278bf644092fe86
f8ef57b9f34d4f7309b6e329a8aae08306cd53febd2870f546e2fb35a0f46863
fabaa8fceb25012bbe44a2e220fc8ba0e7fc8d9941b7b081d60ad87687a6b044
fb5eaee534603a65897417e25029bcf8110a5ff3005d6254bf27d42f78f343e4
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe434a2c8de75429fbf0fae000c368634cd57666ffa5b7b26522d3ea3ded5371
febc1e8fbae9b78e392e33110088051ce7f8168aa0ca6c43aadec0458774045a
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48