www.upi.com Open in urlscan Pro
151.101.2.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.upi.com/top_news/world-news/2021/10/26/iran-gas-station-software-hit-by-cyber-attack/6621635251946/
Effective URL:
https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Submission: On October 27 via api (October 27th 2021, 5:14:13 am UTC) from GB — Scanned from DE

Summary HTTP 110 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 52 IPs in 8 countries across 44 domains to perform 110 HTTP transactions. The main IP is 151.101.2.132, located in United States and belongs to FASTLY, US. The main domain is www.upi.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 24th 2020. Valid for: a year.

This is the only time www.upi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:2240:1200:f:baea:96c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:5800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
1	50.17.108.122 50.17.108.122	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:6400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 2	3.120.169.248 3.120.169.248	16509 (AMAZON-02) (AMAZON-02)
4	35.164.52.163 35.164.52.163	16509 (AMAZON-02) (AMAZON-02)
4 4	3.120.13.220 3.120.13.220	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	141.95.3.9 141.95.3.9	16276 (OVH) (OVH)
1	34.210.233.105 34.210.233.105	16509 (AMAZON-02) (AMAZON-02)
2	34.210.253.33 34.210.253.33	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:9fea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	213.19.147.43 213.19.147.43	26120 (RHYTHMONE) (RHYTHMONE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
2	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.193.97.64 18.193.97.64	16509 (AMAZON-02) (AMAZON-02)
1	35.170.35.142 35.170.35.142	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
2	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.120.57.46 3.120.57.46	16509 (AMAZON-02) (AMAZON-02)
6	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	52.59.27.158 52.59.27.158	16509 (AMAZON-02) (AMAZON-02)
1	3.214.91.80 3.214.91.80	14618 (AMAZON-AES) (AMAZON-AES)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
4	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.57 13.32.99.57	() ()
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	13.32.99.89 13.32.99.89	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	44.236.248.159 44.236.248.159	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
110	52

6 151.101.2.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.upi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnph.upi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:1200:f:baea:96c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3terveqlssriz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.108.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-108-122.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:6400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.169.248 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.164.52.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-52-163.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.13.220 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-220.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.9 (Germany)

ASN16276 (OVH, FR)
PTR: p32.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.233.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-233-105.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.210.253.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-253-33.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:9fea (United States)

ASN13335 (CLOUDFLARENET, US)

player.propervideo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.124 (Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.38.181 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.97.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-97-64.eu-central-1.compute.amazonaws.com

pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.35.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-35-142.compute-1.amazonaws.com

reachms.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.14 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.57.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.20.76 (United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.27.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-27-158.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.91.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-91-80.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (None, )

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.210.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.57 (Seattle, United States)

ASN- ()
PTR: server-13-32-99-57.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.89 (Seattle, United States)

ASN- ()
PTR: server-13-32-99-89.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.236.248.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-248-159.us-west-2.compute.amazonaws.com

events.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io events.proper.io	117 KB
10	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	199 KB
7	gstatic.com fonts.gstatic.com	146 KB
6	33across.com ssc.33across.com	1 KB
6	upi.com 1 redirects www.upi.com cdnph.upi.com	279 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	googlesyndication.com 80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	16 KB
5	google.com 1 redirects adservice.google.com www.google.com	621 B
5	googleapis.com fonts.googleapis.com	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com	41 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com	4 KB
4	advertising.com 4 redirects pixel.advertising.com	1 KB
2	openx.net propermedia-d.openx.net	857 B
2	rubiconproject.com prebid-server.rubiconproject.com fastlane.rubiconproject.com	5 KB
2	emxdgt.com hb.emxdgt.com	311 B
2	adnxs.com ib.adnxs.com	2 KB
2	sonobi.com apex.go.sonobi.com	2 KB
2	casalemedia.com htlb.casalemedia.com	782 B
2	pubmatic.com hbopenbid.pubmatic.com	170 B
2	1rx.io tag.1rx.io	334 B
2	id5-sync.com id5-sync.com cdn.id5-sync.com	11 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
2	clean.gg i.clean.gg	104 B
2	google-analytics.com www.google-analytics.com	20 KB
1	google.de adservice.google.de	716 B
1	privacymanager.io geo.privacymanager.io	594 B
1	omnitagjs.com hb-api.omnitagjs.com	739 B
1	mantisadnetwork.com mantodea.mantisadnetwork.com	337 B
1	media.net prebid.media.net	865 B
1	teads.tv a.teads.tv	245 B
1	criteo.com bidder.criteo.com	280 B
1	bfmio.com reachms.bfmio.com	336 B
1	justpremium.com pre.ads.justpremium.com	249 B
1	spotxchange.com search.spotxchange.com	1 KB
1	lijit.com ap.lijit.com	708 B
1	propervideo.io player.propervideo.io	26 KB
1	rlcdn.com api.rlcdn.com Failed ats.rlcdn.com	57 KB
1	sharedid.org id.sharedid.org	211 B
1	quantcount.com rules.quantcount.com	426 B
1	chartbeat.net ping.chartbeat.net	201 B
1	chartbeat.com static.chartbeat.com	14 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	76 KB
1	cloudfront.net d3terveqlssriz.cloudfront.net	38 KB
110	44

	Domain	Requested by
8	securepubads.g.doubleclick.net	d3terveqlssriz.cloudfront.net securepubads.g.doubleclick.net www.upi.com
7	fonts.gstatic.com	fonts.googleapis.com
6	ssc.33across.com	global.proper.io
5	cdn.ampproject.org	d3terveqlssriz.cloudfront.net
5	fonts.googleapis.com	www.upi.com d3terveqlssriz.cloudfront.net
5	www.upi.com	1 redirects www.upi.com
4	events.proper.io	global.proper.io
4	www.google.com	1 redirects www.upi.com
4	c.amazon-adsystem.com	d3terveqlssriz.cloudfront.net c.amazon-adsystem.com
4	ups.analytics.yahoo.com	4 redirects
4	pixel.advertising.com	4 redirects
4	usync.proper.io	www.upi.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	www.upi.com d3terveqlssriz.cloudfront.net
2	propermedia-d.openx.net	global.proper.io
2	hb.emxdgt.com	global.proper.io
2	ib.adnxs.com	global.proper.io
2	apex.go.sonobi.com	global.proper.io
2	htlb.casalemedia.com	global.proper.io
2	hbopenbid.pubmatic.com	global.proper.io
2	tag.1rx.io	global.proper.io
2	bids.proper.io	global.proper.io
2	x.bidswitch.net	2 redirects
2	global.proper.io	d3terveqlssriz.cloudfront.net
2	i.clean.gg	d3terveqlssriz.cloudfront.net
2	www.google-analytics.com	www.upi.com
1	googleads.g.doubleclick.net	www.upi.com
1	80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com	d3terveqlssriz.cloudfront.net
1	adservice.google.com	d3terveqlssriz.cloudfront.net
1	adservice.google.de	d3terveqlssriz.cloudfront.net
1	eb.proper.io	global.proper.io
1	geo.privacymanager.io	d3terveqlssriz.cloudfront.net
1	cdn.id5-sync.com	d3terveqlssriz.cloudfront.net
1	ats.rlcdn.com	d3terveqlssriz.cloudfront.net
1	fastlane.rubiconproject.com	global.proper.io
1	hb-api.omnitagjs.com	global.proper.io
1	mantodea.mantisadnetwork.com	global.proper.io
1	prebid-server.rubiconproject.com	global.proper.io
1	prebid.media.net	global.proper.io
1	a.teads.tv	global.proper.io
1	bidder.criteo.com	global.proper.io
1	reachms.bfmio.com	global.proper.io
1	pre.ads.justpremium.com	global.proper.io
1	search.spotxchange.com	global.proper.io
1	ap.lijit.com	global.proper.io
1	player.propervideo.io	d3terveqlssriz.cloudfront.net
1	id.sharedid.org	global.proper.io
1	id5-sync.com	global.proper.io
1	pixel.quantserve.com	www.upi.com
1	rules.quantcount.com	d3terveqlssriz.cloudfront.net
1	secure.quantserve.com	d3terveqlssriz.cloudfront.net
1	ping.chartbeat.net	www.upi.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.chartbeat.com	d3terveqlssriz.cloudfront.net
1	maxcdn.bootstrapcdn.com	www.upi.com
1	cdnph.upi.com	www.upi.com
1	d3terveqlssriz.cloudfront.net	www.upi.com
0	api.rlcdn.com Failed	global.proper.io
110	58

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
*.upi.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-24` - `2021-12-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
cdn.id5-sync.com R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Frame ID: 83450FEE5B421966873AC5F6982923FF
Requests: 108 HTTP requests in this frame

Frame: https://80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B15A145EDF84289DA80A59F272849CD
Requests: 1 HTTP requests in this frame

Frame: https://80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 530C31CBBB34B60727C558D8DC673556
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.upi.com/top_news/world-news/2021/10/26/iran-gas-station-software-hit-by-cyber-attack... HTTP 301
https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

110
Requests

97 %
HTTPS

37 %
IPv6

44
Domains

58
Subdomains

52
IPs

8
Countries

1177 kB
Transfer

3151 kB
Size

40
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=C6WfwHOB4Ydv7KL65x_AP0bumiArjr5f1ZYXm9Lb5DdLh0uCyARABINjqtiBglfrwgYwHoAHs3_KrAcgBBqkCjCB9w9N0sz7gAgCoAwGqBPACT9Dwnp3ZxLL6USW--ksHRDvod5-OtGsj6Rl6PDozx1F1etbdfmIDhWubf_EKAfRptBljuWFbOL5KPyZD3w70xt1DQO_DnxjLRUQb7USmXVMsAkrgruhVFlWKsvpBiaiQt2j7NetuePXZXvqRBUFqPqycQPWBNRoKwRBEukduwgjsWgL-DXOY4i64J8tNW8SJUFs_Y3kaVl7tnFEDfYKrebP5F8sca2Cpgsy0DYZM_F37Q5PIVx_R3jA9p9yVstOgJ1rtZJiwzHx9tsra7G8jQfMl9nOpr3dRBcMKj-4Y49oqfzxyx98gOVblJEkkGnBSzzj0nkt2KEnLva033Fz0Jp9mWsVR2TAYr4b06lttodJlM3oZmzA9BPdvmKApPXs46WiSdNfIWiuAgbIi53LkNLRjzxxl79VyPyeTmOVQ4fxoYOwXkDUDnn1xz-SH6rSCDshX7or_1mE1_vCdX_zjUvQoFpA8c1XwO6Pqofbaw9_ABIqJ99e7A-AEAYAH_J-N1AKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggJCIjhgBAQARgdsQkMID3_X1Qy6IAKA5gLAcgLAbgMAdgTAogUAdAVAYAXAQ&ae=1&num=1&sig=AOD64_0YNDsTBrvZ7-UvoVypL9jM006YGw&client=ca-pub-6897902191714833&nb=0&adurl=https://markettimes.de/fallstudie/g-markettimes-finanzmarktberichte-zukunftsorientiert-and-zeitgemaess%3Fgclid%3DEAIaIQobChMI2_m1zerp8wIVvtwRCB3RnQmhEAEYASAAEgIf2fD_BwE
Title: Der beste Trade an der Börse?

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=C6WfwHOB4Ydv7KL65x_AP0bumiArjr5f1ZYXm9Lb5DdLh0uCyARABINjqtiBglfrwgYwHoAHs3_KrAcgBBqkCjCB9w9N0sz7gAgCoAwGqBPACT9Dwnp3ZxLL6USW--ksHRDvod5-OtGsj6Rl6PDozx1F1etbdfmIDhWubf_EKAfRptBljuWFbOL5KPyZD3w70xt1DQO_DnxjLRUQb7USmXVMsAkrgruhVFlWKsvpBiaiQt2j7NetuePXZXvqRBUFqPqycQPWBNRoKwRBEukduwgjsWgL-DXOY4i64J8tNW8SJUFs_Y3kaVl7tnFEDfYKrebP5F8sca2Cpgsy0DYZM_F37Q5PIVx_R3jA9p9yVstOgJ1rtZJiwzHx9tsra7G8jQfMl9nOpr3dRBcMKj-4Y49oqfzxyx98gOVblJEkkGnBSzzj0nkt2KEnLva033Fz0Jp9mWsVR2TAYr4b06lttodJlM3oZmzA9BPdvmKApPXs46WiSdNfIWiuAgbIi53LkNLRjzxxl79VyPyeTmOVQ4fxoYOwXkDUDnn1xz-SH6rSCDshX7or_1mE1_vCdX_zjUvQoFpA8c1XwO6Pqofbaw9_ABIqJ99e7A-AEAYAH_J-N1AKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggJCIjhgBAQARgdsQkMID3_X1Qy6IAKA5gLAcgLAbgMAdgTAogUAdAVAYAXAQ&ae=1&num=1&sig=AOD64_0YNDsTBrvZ7-UvoVypL9jM006YGw&client=ca-pub-6897902191714833&nb=7&adurl=https://markettimes.de/fallstudie/g-markettimes-finanzmarktberichte-zukunftsorientiert-and-zeitgemaess%3Fgclid%3DEAIaIQobChMI2_m1zerp8wIVvtwRCB3RnQmhEAEYASAAEgIf2fD_BwE
Title: MarketTimes berichtet vom Finanzmarkt, umsichtig recherchiert und immer zur rechten Zeit. MarketTimes

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=C6WfwHOB4Ydv7KL65x_AP0bumiArjr5f1ZYXm9Lb5DdLh0uCyARABINjqtiBglfrwgYwHoAHs3_KrAcgBBqkCjCB9w9N0sz7gAgCoAwGqBPACT9Dwnp3ZxLL6USW--ksHRDvod5-OtGsj6Rl6PDozx1F1etbdfmIDhWubf_EKAfRptBljuWFbOL5KPyZD3w70xt1DQO_DnxjLRUQb7USmXVMsAkrgruhVFlWKsvpBiaiQt2j7NetuePXZXvqRBUFqPqycQPWBNRoKwRBEukduwgjsWgL-DXOY4i64J8tNW8SJUFs_Y3kaVl7tnFEDfYKrebP5F8sca2Cpgsy0DYZM_F37Q5PIVx_R3jA9p9yVstOgJ1rtZJiwzHx9tsra7G8jQfMl9nOpr3dRBcMKj-4Y49oqfzxyx98gOVblJEkkGnBSzzj0nkt2KEnLva033Fz0Jp9mWsVR2TAYr4b06lttodJlM3oZmzA9BPdvmKApPXs46WiSdNfIWiuAgbIi53LkNLRjzxxl79VyPyeTmOVQ4fxoYOwXkDUDnn1xz-SH6rSCDshX7or_1mE1_vCdX_zjUvQoFpA8c1XwO6Pqofbaw9_ABIqJ99e7A-AEAYAH_J-N1AKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggJCIjhgBAQARgdsQkMID3_X1Qy6IAKA5gLAcgLAbgMAdgTAogUAdAVAYAXAQ&ae=1&num=1&sig=AOD64_0YNDsTBrvZ7-UvoVypL9jM006YGw&client=ca-pub-6897902191714833&nb=8&adurl=https://markettimes.de/fallstudie/g-markettimes-finanzmarktberichte-zukunftsorientiert-and-zeitgemaess%3Fgclid%3DEAIaIQobChMI2_m1zerp8wIVvtwRCB3RnQmhEAEYASAAEgIf2fD_BwE
Title: Öffnen

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?reasons=AB3afGEAAAXNW1tbW3RydWUsWzksMTBdLG51bGwsbnVsbCxudWxsLFsiODAxNDkiXV0sW251bGwsImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbnRlcmFjdGlvbi8_YWk9QzZXZndIT0I0WWR2N0tMNjV4X0FQMGJ1bWlBcmpyNWYxWllYbTlMYjVEZExoMHVDeUFSQUJJTmpxdGlCZ2xmcndnWXdIb0FIczNfS3JBY2dCQnFrQ2pDQjl3OU4wc3o3Z0FnQ29Bd0dxQlBBQ1Q5RHducDNaeExMNlVTVy0ta3NIUkR2b2Q1LU90R3NqNlJsNlBEb3p4MUYxZXRiZGZtSURoV3ViZl9FS0FmUnB0QmxqdVdGYk9MNUtQeVpEM3c3MHh0MURRT19EbnhqTFJVUWI3VVNtWFZNc0FrcmdydWhWRmxXS3N2cEJpYWlRdDJqN05ldHVlUFhaWHZxUkJVRnFQcXljUVBXQk5Sb0t3UkJFdWtkdXdnanNXZ0wtRFhPWTRpNjRKOHROVzhTSlVGc19ZM2thVmw3dG5GRURmWUtyZWJQNUY4c2NhMkNwZ3N5MERZWk1fRjM3UTVQSVZ4X1IzakE5cDl5VnN0T2dKMXJ0Wkppd3pIeDl0c3JhN0c4alFmTWw5bk9wcjNkUkJjTUtqLTRZNDlvcWZ6eHl4OThnT1ZibEpFa2tHbkJTenpqMG5rdDJLRW5MdmEwMzNGejBKcDltV3NWUjJUQVlyNGIwNmx0dG9kSmxNM29abXpBOUJQZHZtS0FwUFhzNDZXaVNkTmZJV2l1QWdiSWk1M0xrTkxSanp4eGw3OVZ5UHllVG1PVlE0ZnhvWU93WGtEVURubjF4ei1TSDZyU0NEc2hYN29yXzFtRTFfdkNkWF96alV2UW9GcEE4YzFYd082UHFvZmJhdzlfQUJJcUo5OWU3QS1BRUFZQUhfSi1OMUFLb0JfRFpHNmdIOHRrYnFBZU96aHVvQjVQWUc2Z0g3cGF4QXFnSF9wNnhBcWdIMWNrYnFBZW12aHVvQl9QUkc2Z0hsdGdicUFlcW03RUNxQWZmbjdFQzJBY0IwZ2dKQ0lqaGdCQVFBUmdkc1FrTUlEM19YMVF5NklBS0E1Z0xBY2dMQWJnTUFkZ1RBb2dVQWRBVkFZQVhBUVx1MDAyNnNpZ2g9bUNBQ3MzT1ROTTRcdTAwMjZjaWQ9Q0FRU1B3Q05JckxNOFdDUmZHeU5KdXA0TmNCXzNEdGtITDluYzhwdWpmV2dWMC12ei1fY2hlM2xKRXNKVS1ObjdXN21ySjg0OGRpV3ZWUEdXVVI4eGxQUE53IixbbnVsbCxudWxsLG51bGwsImh0dHBzOi8vZGlzcGxheWFkcy1mb3JtYXRzLmdvb2dsZXVzZXJjb250ZW50LmNvbS9hZHMvcHJldmlldy9jb250ZW50LmpzP2NsaWVudD13dGFcdTAwMjZvYmZ1c2NhdGVkQ3VzdG9tZXJJZD01Mzg1MDg4MDI5XHUwMDI2Y3JlYXRpdmVJZD01MjkyNjkwMjI3MDlcdTAwMjZ2ZXJzaW9uSWQ9MVx1MDAyNmFkR3JvdXBDcmVhdGl2ZUlkPTQ3OTI3MjQ0ODc3M1x1MDAyNmh0bWxQYXJlbnRJZD1wcmV2LTBcdTAwMjZoZWlnaHQ9OTBcdTAwMjZ3aWR0aD05NzBcdTAwMjZzaWc9QUNpVkJfeGdseEx2eUZMWVcwSzJJcmhSWXJpR2kzYzhvZyJdLG51bGwsbnVsbCwxLCIzbUZYOE5jYlpBTUloZWIwdHZrTkVQenQ2OW95R0lYNDh0UUNJZzV0WVhKclpYUjBhVzFsY3k1a1pUSUlDQVVUR0pyOUNCUkNGMk5oTFhCMVlpMDJPRGszT1RBeU1Ua3hOekUwT0RNelNBWllBV0RzQTNBQiIsIjEzNjEyMjgzNjQ0Il1dXSxbMSwxLDEsMV1dg6EeEMjDvT_MFmMDPYKNNW0GFDHOWIlvoSgBdKZcr-JyulYY_mXAZzF8-ZGjuvNLR0mTkY7AVN4npmonPzgzy1SHcXRlEGu48OfMOYG53uMX06VZ6pgNU8ENpbI0YpbYIzFAfzJv3k8zjxZtADI97izCf1s-3GmskDKk1j9je8-xDF7lvzrQpEyA9Ww4ZsdR6qoGgbkeFrUSOlgJrOpAf64xYFs105VXVZNM4PPiKSXlCpDkY5wY0sgN_QBUbN5e6QxRhW0oNXrcAQ-sQtMWoRY__KHa9NY-RNaCLvzAKYROojtz9uhsAXIo2lzlLSNuxwutpznqWYNq5eTUmEpZOw,Oa5-DskXpf8DoJnOpXru2A&source=display

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.upi.com/top_news/world-news/2021/10/26/iran-gas-station-software-hit-by-cyber-attack/6621635251946/ HTTP 301
https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D7d8bf79b-cf2e-437e-a739-954be461a87c%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_4fd7e29a_4b313dd3_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D7d8bf79b-cf2e-437e-a739-954be461a87c%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_4fd7e29a_4b313dd3_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=7d8bf79b-cf2e-437e-a739-954be461a87c&uid=050ade5c-cc93-4161-9116-c63328317849

Request Chain 26

https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_e520dc35_d81b18f6_2 HTTP 302
https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_e520dc35_d81b18f6_2&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&&callback=window.proper_e520dc35_d81b18f6_2&apid=UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6 HTTP 302
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6

Request Chain 27

https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_4fd723c1_361a76dd_3 HTTP 302
https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_4fd723c1_361a76dd_3&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&&callback=window.proper_4fd723c1_361a76dd_3&apid=UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6 HTTP 302
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6

Request Chain 28

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b4f46b14_e1d424af_4 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b4f46b14_e1d424af_4&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

110 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/
Redirect Chain

https://www.upi.com/top_news/world-news/2021/10/26/iran-gas-station-software-hit-by-cyber-attack/6621635251946/
https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

263 KB
66 KB

200ms
200ms

Document
text/html

151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

669071b9168324146c2f7fa42193c8451a7d6d2c2e362243296fa4c8bd8f6259

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors frame-ancestors 'self'
X-Frame-Options	'SAMEORIGIN'

Request headers

:method: GET
:authority: www.upi.com
:scheme: https
:path: /Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Apache
pragma: public
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=1209600
expires: Wed, 27 Oct 2021 05:19:17 GMT
content-security-policy: frame-ancestors frame-ancestors 'self'
x-frame-options: 'SAMEORIGIN'
content-encoding: gzip
content-type: text/html; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 27 Oct 2021 05:14:02 GMT
age: 0
x-served-by: cache-bwi5154-BWI, cache-cdg20783-CDG
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1635311643.591909,VS0,VE183
vary: Accept-Encoding,X-Device
content-length: 67184

Redirect headers

server: Apache
pragma: public
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=1209600
expires: Wed, 27 Oct 2021 05:19:02 GMT
location: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
content-encoding: gzip
content-type: text/html; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 27 Oct 2021 05:14:02 GMT
age: 0
x-served-by: cache-bwi5175-BWI, cache-cdg20783-CDG
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1635311642.458439,VS0,VE115
vary: Accept-Encoding,X-Device
content-length: 20

GET
H2 200 site.v1635278154.css
www.upi.com/inc/css/ 171 KB
25 KB 20ms
19ms Stylesheet
text/css 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upi.com/inc/css/site.v1635278154.css
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6264bf1208e9ece3be247a8e3f2b8c6e430ea662ace4f9d50898ab4ed0f3f6a2

Request headers

:path: /inc/css/site.v1635278154.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.upi.com
referer: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:02 GMT
via: 1.1 varnish, 1.1 varnish
age: 33019
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 25507
x-served-by: cache-bwi5120-BWI, cache-cdg20783-CDG
pragma: public
server: Apache
x-timer: S1635311643.815600,VS0,VE0
vary: Accept-Encoding,X-Device
content-type: text/css;charset=UTF-8
cache-control: maxage=51840000
accept-ranges: bytes
expires: Sun, 18 Jun 2023 19:58:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
2 KB 64ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Requested by

Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b1c77d8b3d53d8065b098b5c1c34e84dd38c3da02d7e0a78150d0235d3edf89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 04:58:15 GMT
server: ESF
date: Wed, 27 Oct 2021 05:14:02 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 05:14:02 GMT

GET
H2 200 site.v1792730564.js Show response
www.upi.com/inc/js/ 55 KB
19 KB 18ms
18ms Script
application/x-javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upi.com/inc/js/site.v1792730564.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 81065a5108bcee6fbc930d47c8d807f05149f6b249d256c118620d794a19b87b

Request headers

:path: /inc/js/site.v1792730564.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.upi.com
referer: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:02 GMT
via: 1.1 varnish, 1.1 varnish
age: 578165
x-cache: HIT, HIT
x-cache-hits: 4, 1
content-encoding: gzip
content-length: 18815
x-served-by: cache-bwi5147-BWI, cache-cdg20783-CDG
pragma: public
server: Apache
x-timer: S1635311643.875938,VS0,VE1
vary: Accept-Encoding,X-Device
content-type: application/x-javascript
cache-control: maxage=3600
accept-ranges: bytes
expires: Wed, 20 Oct 2021 13:22:56 GMT

GET
H2 200 script.js Show response
d3terveqlssriz.cloudfront.net/ 117 KB
38 KB 44ms
12ms Script
application/javascript 2600:9000:2240:1200:f:baea:96c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3terveqlssriz.cloudfront.net/script.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1200:f:baea:96c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf6860ac9148098752f05575bc0209607482986822d634c19f8fec214fdcc8a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:08:53 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 14:42:27 GMT
server: AmazonS3
age: 310
etag: W/"322f85e3e09582993d3945ea4bf5281e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa7.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: E2Xy7pSrnM65kiRqPNIeB9lEswRxDGayhAl03q1g7VK5Ln91d_4lIw==

GET
H2 200 Cyberattack-on-Irans-gas-stations-causes-nationwide-disruptions.jpg
cdnph.upi.com/svc/sv/upi_com/6621635251946/2021/1/1ec19a9923c6958c12f6773a4504f006/ 168 KB
169 KB 38ms
23ms Image
image/jpeg 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnph.upi.com/svc/sv/upi_com/6621635251946/2021/1/1ec19a9923c6958c12f6773a4504f006/Cyberattack-on-Irans-gas-stations-causes-nationwide-disruptions.jpg
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 9abc665401e0da43f91aded927a47fee9c98a2af62e2d8505a2f0c5af3f99c9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:02 GMT
via: 1.1 varnish, 1.1 varnish
age: 55348
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-length: 172294
x-served-by: cache-dca17767-DCA, cache-cdg20783-CDG
pragma: public
last-modified: Tue, 26 Oct 2021 13:50:31 GMT
server: Apache
x-timer: S1635311643.908169,VS0,VE1
vary: X-Device
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 13:50:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4408
date: Wed, 27 Oct 2021 04:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Wed, 27 Oct 2021 06:00:34 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 144ms
106ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.upi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Wed, 27 Oct 2021 05:14:02 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 99ms
98ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 82ms
29ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upi.com/
Origin: https://www.upi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617
age: 569257
cdn-cachedat: 2021-06-03 12:51:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e55d6c840d63ea098c3fff5217a5d593
accept-ranges: bytes
cf-ray: 6a4970488e023745-MXP
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v17/ 18 KB
18 KB 84ms
46ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v17/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0c2a889d07d01755fc1a7818e2d54ba67c7b953b453dc22e8aaedcd29fe0b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:50:13 GMT
x-content-type-options: nosniff
age: 41029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18332
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 23:11:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Oct 2022 17:50:13 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 06:51:01 GMT
x-content-type-options: nosniff
age: 426181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 06:51:01 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 92ms
54ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:57:55 GMT
x-content-type-options: nosniff
age: 440167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 02:57:55 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 74ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 22:28:30 GMT
x-content-type-options: nosniff
age: 542732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 22:28:30 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 96ms
61ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 16:15:59 GMT
x-content-type-options: nosniff
age: 478683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 16:15:59 GMT

GET
H2 200 upi.min.js Show response
global.proper.io/ 27 KB
7 KB 90ms
31ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/upi.min.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5088c2cfc7d60f139f3d8553a7843e8ae4fcb5ebf0b8931a448672784b37296

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Oct 2021 18:16:09 GMT
server: cloudflare
age: 39352
etag: W/"617845e9-6c02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6a497048fb286951-FRA
expires: Wed, 27 Oct 2021 05:19:03 GMT

POST
H2 200 / Show response
www.upi.com/story/stat/6621635251946/ 42 B
203 B 131ms
131ms XHR
image/gif 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upi.com/story/stat/6621635251946/
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

sec-fetch-mode: cors
origin: https://www.upi.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
content-length: 9
:path: /story/stat/6621635251946/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.upi.com
referer: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
via: 1.1 varnish, 1.1 varnish
server: Apache
x-timer: S1635311643.996885,VS0,VE103
vary: X-Device
x-cache: MISS, MISS
content-type: image/gif
expires: 0
cache-control: private, no-store
x-cache-hits: 0, 0
accept-ranges: bytes
content-length: 42
x-served-by: cache-bwi5124-BWI, cache-cdg20783-CDG

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 62ms
21ms Script
application/x-javascript 2600:9000:223c:5800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:13 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
age: 6830
etag: W/"60e79439-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: AOzdZbZsAyb3hKPY_9fbgVbMPNRsFbV-SIwheBhIT1KWqJDGO_VL-g==
expires: Wed, 27 Oct 2021 05:20:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
407 B 96ms
32ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-1342607-1&cid=1760181707.1635311643&jid=1836659178&gjid=1971352050&_gid=2009010697.1635311643&_u=YGBAgEABAAAAAE~&z=625131005

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 05:14:03 GMT
content-type: text/plain
access-control-allow-origin: https://www.upi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 25ms
24ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1635089915&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&ul=en-us&de=UTF-8&dt=Cyberattack%20on%20Iran%27s%20gas%20stations%20causes%20nationwide%20disruptions%20-%20UPI.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1836659178&gjid=1971352050&cid=1760181707.1635311643&tid=UA-1342607-1&_gid=2009010697.1635311643&cd1=Zarrin%20Ahmed&cd2=jl&cd5=71&cd7=upi_blog&z=89937704

Requested by

Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 14:46:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52047
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 363ms
114ms Image
image/gif 50.17.108.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=upi.com&p=%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F&u=DhsV4TBTKvuvDQuYaI&d=upi.com&g=4027&g0=Top%20News%2CWorld%20News&g1=UPI%20Staff&g4=article&n=1&f=00001&c=0&x=0&m=0&y=4581&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=689&t=HYzqVDX7gEnfXtC4B4snF4Dh1o6X&V=128&i=Cyberattack%20on%20Iran%27s%20gas%20stations%20causes%20nationwide%20disruptions%20-%20UPI.com&tz=0&sn=1&sv=CDM3QwBr67eYDj6Wv-BvQ92yIRXtc&sd=1&im=067b0eff&_
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.108.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-108-122.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 410 KB
106 KB 35ms
35ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef71b3b4250fdeae0e4cdadbe5631e1777435f01edfbbe24aea3fa9d7cd323ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 21:57:36 GMT
server: cloudflare
age: 122848
etag: W/"617333d0-668a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6a4970495bb36951-FRA
expires: Wed, 27 Oct 2021 05:19:03 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 66ms
14ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
etag: "f5gpBRZmwYYTVm3LkZ0l2w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 03 Nov 2021 05:14:03 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
426 B 51ms
17ms Script
application/javascript 2600:9000:223c:6400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:05:59 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366459.cloudfront.net (CloudFront)
age: 484
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: U4giXhTyNXja6d_T3V5UTH1necjJc77UZSt5uFrA7nARceu48BRM3A==

GET
H2 200 pixel;r=657034548;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1;uht=2;fp...
pixel.quantserve.com/ 35 B
371 B 25ms
25ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=657034548;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1;uht=2;fpan=1;fpa=P0-1261327613-1635311643293;pbc=;ns=0;ce=1;qjs=1;qv=bb78f58d-20211025154311;cm=;gdpr=0;ref=;d=upi.com;je=0;sr=1600x1200x24;dst=0;et=1635311643292;tzo=0;ogl=site_name.UPI%2Cdescription.Gas%20stations%20in%20Iran%20were%20hacked%20Tuesday%252C%20resulting%20in%20widespread%20disruptions%20an%2Curl.https%3A%2F%2Fwww%252Eupi%252Ecom%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit%2Ctitle.Cyberattack%20on%20Iran's%20gas%20stations%20causes%20nationwide%20disruptions%2Ctype.article%2Cimage.https%3A%2F%2Fcdnph%252Eupi%252Ecom%2Fsv%2Fph%2Fog%2Fupi_com%2F6621635251946%2F2021%2F1%2F1ec19a9923c6958c12f6%2Cimage%3Awidth.700%2Cimage%3Aheight.465

Requested by

Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 75ms
20ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

65ab603c99ed112880d94b0dd96c8eb41abd4ae5ece0246a9c64ff6210d9fa9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1025 / 676 of 1000 / last-modified: 1635286009"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27294
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 05:14:03 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D7d8bf79b-cf2e-437e-a739-954be461a87c%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D7d8bf79b-cf2e-437e-a739-954be461a87c%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=7d8bf79b-cf2e-437e-a739-954be461a87c&uid=050ade5c-cc93-4161-9116-c63328317849

183 B
386 B

549ms
167ms

Script
text/javascript

35.164.52.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=7d8bf79b-cf2e-437e-a739-954be461a87c&uid=050ade5c-cc93-4161-9116-c63328317849
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 522e855f32853dfa6b65864feda1e624d16cef78ba82c008922aa4e93c919322

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 05:14:03 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

Location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=7d8bf79b-cf2e-437e-a739-954be461a87c&uid=050ade5c-cc93-4161-9116-c63328317849
Date: Wed, 27 Oct 2021 05:14:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_e520dc35_d81b18f6_2
https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_e520dc35_d81b18f6_2&verify=true
https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&&callback=window.proper_e520dc35_d81b18f6_2&apid=UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6

189 B
426 B

537ms
170ms

Script
text/javascript

35.164.52.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: b2b56b6592ba651688973b189041f1b84738c974872b37d81c71302f70923f49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 05:14:03 GMT
server: nginx/1.18.0
content-length: 189
content-type: text/javascript

Redirect headers

Date: Wed, 27 Oct 2021 05:14:03 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_4fd723c1_361a76dd_3
https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_4fd723c1_361a76dd_3&verify=true
https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&&callback=window.proper_4fd723c1_361a76dd_3&apid=UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6

189 B
426 B

505ms
170ms

Script
text/javascript

35.164.52.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: b2b56b6592ba651688973b189041f1b84738c974872b37d81c71302f70923f49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 05:14:03 GMT
server: nginx/1.18.0
content-length: 189
content-type: text/javascript

Redirect headers

Date: Wed, 27 Oct 2021 05:14:03 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b4f46b14_e1d424af_4
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_b4f46b14_e1d424af_4&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A

151 B
360 B

551ms
170ms

Script
text/javascript

35.164.52.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: b0686c9f651fb41c9c9603bae1efa6afde68c3949fabd68afeaa7374a9888a2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 05:14:03 GMT
server: nginx/1.18.0
content-length: 151
content-type: text/javascript

Redirect headers

Date: Wed, 27 Oct 2021 05:14:03 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 212 B
528 B 72ms
13ms XHR
application/json 141.95.3.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.9 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p32.id5-sync.com

Software

Resource Hash

bf1cae0ba544e4037267bdc3558d661566ba3afd8c3a5102ab85532be077764f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.upi.com
Date: Wed, 27 Oct 2021 05:13:54 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 id Show response
id.sharedid.org/ 0
211 B 578ms
188ms XHR
text/plain 34.210.233.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.233.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-233-105.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.upi.com
pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 727ms
167ms XHR
application/octet-stream 34.210.253.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Oct 2021 05:14:03 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 main.js Show response
player.propervideo.io/new_rtp/ 115 KB
26 KB 143ms
48ms Script
application/javascript 2606:4700::6812:9fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.propervideo.io/new_rtp/main.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a57853edef7aae88a06326cc459a0d70845f5b2c72ff39db77aa2762a1dbf57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Oct 2021 21:22:02 GMT
server: cloudflare
age: 28130
etag: W/"6178717a-2ae07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Wed, 27 Oct 2021 05:19:03 GMT
cache-control: public, max-age=300
cf-polished: origSize=175623
cf-ray: 6a49704baa893743-MXP
cf-bgj: minify

POST
H2 204 mvo Show response
tag.1rx.io/rmp/235414/0/ 0
167 B 60ms
21ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/235414/0/mvo?z=1r&hbv=5.18,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 212ms
155ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Wed, 27 Oct 2021 05:14:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 45 B
708 B 102ms
44ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: aa2a4ae9f7ff69d6b3988f700992c0a39fa3920ed0d99904fc437b1e2b885830

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Oct 2021 05:14:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upi.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

POST
H/1.1 204
No Content 317964 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 193ms
52ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/317964
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Oct 2021 05:14:03 GMT
X-SpotX-Timing-Transform: 0.000298
X-SpotX-Timing-SpotMarket: 0.004301
X-SpotX-Timing-Page-Mux: 0.000883
X-SpotX-Timing-Page-Require: 0.000307
X-fe: 043
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000026
X-SpotX-Timing-Page: 0.008759
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000264
Last-Modified: Wed, 27 Oct 2021 05:14:03 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004301
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upi.com
X-SpotX-Timing-Page-Misc: 0.002667
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 46 B
391 B 167ms
115ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=679380&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22f30605fe-e194-4cac-a8d0-5ca80a35e67d%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-vyHBy%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-vyHBy%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22728x90-2-CVCKl%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-CVCKl%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22160x600-1-ZGCLO%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-ZGCLO%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x250-1-BpGt0%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-BpGt0%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-SfwvW%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-SfwvW%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-HyfCD%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-HyfCD%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-4-yA5MY%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-yA5MY%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-6wfOM%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-6wfOM%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22970x90-1-aiKrJ%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-1-aiKrJ%22%2C%22siteID%22%3A%22679380%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A970%2C%22h%22%3A250%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0f321f37b7ae46fa90e641392266688bfaa0da650de78fc982edd74d71e4e0e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.upi.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 66
x-ak-client-geo: 12
expires: Wed, 27 Oct 2021 05:14:03 GMT

POST
H2 200 xhr Show response
pre.ads.justpremium.com/v/2.0/t/ 44 B
249 B 197ms
143ms XHR
application/json 18.193.97.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1635311643403
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.97.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-97-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 39ec78a08a95ab41a3feb710b13f740b7966442651066dae4eea638bd306b4fe

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Wed, 27 Oct 2021 05:14:03 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

POST
H/1.1 204
No Content bid.json Show response
reachms.bfmio.com/ 0
336 B 482ms
127ms XHR
application/json 35.170.35.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.35.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-35-142.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.upi.com
Access-Control-Expose-Headers: location
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=ISO-8859-1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
280 B 104ms
48ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0&cb=77577326279&im=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 05:14:02 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 282 B
815 B 133ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22cf2bb5411fab49203c78%22%3A%22cf2bb5411fab49203c78%7C728x90%7C0.1%22%2C%2265af045d98064476e433%22%3A%2265af045d98064476e433%7C728x90%7C0.1%22%2C%228ff575ccba39cea32fe3%22%3A%228ff575ccba39cea32fe3%7C160x600%7C0.1%22%2C%22e2af3ca8ed5d3bc9f6c1%22%3A%22e2af3ca8ed5d3bc9f6c1%7C300x250%7C0.1%22%2C%22619cf3af57e11375c2d7%22%3A%22619cf3af57e11375c2d7%7C300x250%7C0.1%22%2C%22be8701653a55fea338b5%22%3A%22be8701653a55fea338b5%7C300x250%7C0.1%22%2C%228d7a181ba5b312ac8522%22%3A%228d7a181ba5b312ac8522%7C300x250%7C0.1%22%2C%229c4c249c50c5f1c2bdf0%22%3A%229c4c249c50c5f1c2bdf0%7C300x600%7C0.1%22%7D&ref=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&s=9b4396bf-f00f-4048-a95e-04f7d9fbdf80&pv=fe511160-dfc0-4a7e-8729-65e3c5fee592&vp=desktop&lib_name=prebid&lib_v=5.18.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%227d8bf79b-cf2e-437e-a739-954be461a87c%22%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

36ca5c53e0d13be4dcb5c0f8d16a998a83cc1ab978a4e2c30fdea5d817226875

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 05:14:03 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.upi.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 209
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
245 B 162ms
59ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.upi.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 27 Oct 2021 05:14:03 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
865 B 130ms
79ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f647fe0b055f7c8c7b774d2d7fb6e3a3b9e13d5ff2876a9bc22a5fc5d9caf44b

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.upi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 46 B
391 B 154ms
109ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=679381&v=8.1&ac=j&sd=1&r=%7B%22id%22%3A%22323939f0-b3ff-4f8b-8944-c2f725f50958%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22desktop-1-6KcCf%22%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22desktop-1-6KcCf%22%2C%22siteID%22%3A%22679381%22%7D%2C%22video%22%3A%7B%22placement%22%3A4%2C%22topframe%22%3A1%2C%22skip%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A10%2C%22maxduration%22%3A30%2C%22playbackmethod%22%3A%5B2%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&nf=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66e9c1847b133472362c048ca6917876e34ef86feead3bd95080664c1ecd64de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.upi.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 66
x-ak-client-geo: 12
expires: Wed, 27 Oct 2021 05:14:03 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 141 B
1 KB 193ms
143ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6928158cc18cd9699e5b3ceaa8ebd0f59f0c1d06d9829f057a4fa188f4776917

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 05:14:03 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a3427616-5493-4c38-9132-7657e66e0f52
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.upi.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 141
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
156 B 86ms
35ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1635311643412
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Wed, 27 Oct 2021 05:14:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
316 B 157ms
107ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 2196ac0d776126f0157006ac692d515d19e531e7a16d53e270bcf25b8ea10da5

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
170 B 160ms
110ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: ae974dfcf301f907ffda66ca2ff77965916325e113f027e61e42046a965e4a31

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 157ms
107ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: e32ca8802c3ace59502876310092a374ccd6c9f43661f13d25bc81e58151e7c1

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 167ms
118ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 0f77005572931a527efe0da6c56d39644b3afea28a14a92c88d80064f579e73b

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 167ms
118ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 0a52522985a337b03f0ad41c5840f6731727234791d7a0c34046ec023eb25831

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 179ms
130ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 84080a473dae1331bba197ef11ec79c6f76ef8d7d583d8a1f4fe2a5b89fcc072

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 705 B
1 KB 228ms
181ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

923c1d1a0bc05d95cd6dd96d99bf2cde9332c11b4860ad5a011295b63b5b3d76

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Oct 2021 05:14:03 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4a138ef8-cf96-47fa-9e4a-aa60a19f3c56
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.upi.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
155 B 92ms
46ms XHR
text/plain 3.120.57.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1635311643415
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Wed, 27 Oct 2021 05:14:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 172 B
380 B 90ms
29ms XHR
application/json 52.59.27.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.27.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-27-158.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 14bf88f38c12cb47e14774368ba178d4bee0380a9f3060889a2278420a72ee7d

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.upi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
337 B 377ms
125ms XHR
application/javascript 3.214.91.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1635311643417&secure=true&version=9&mobile=false&title=Cyberattack%20on%20Iran%27s%20gas%20stations%20causes%20nationwide%20disruptions%20-%20UPI.com&url=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&measurable=true&property=60ae66d26f5619000fb3f1b5&bids[0][bidId]=upi_728x90-1&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[1][bidId]=upi_728x90-2&bids[1][sizes][0][width]=728&bids[1][sizes][0][height]=90&bids[2][bidId]=upi_160x600-1&bids[2][sizes][0][width]=160&bids[2][sizes][0][height]=600&bids[3][bidId]=upi_300x250-1&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[4][bidId]=upi_300x250-2&bids[4][sizes][0][width]=300&bids[4][sizes][0][height]=250&bids[5][bidId]=upi_300x600-1&bids[5][sizes][0][width]=300&bids[5][sizes][0][height]=600&bids[6][bidId]=upi_970x250-1&bids[6][sizes][0][width]=970&bids[6][sizes][0][height]=250&foo
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-91-80.compute-1.amazonaws.com
Software: / Express
Resource Hash: a82c9f7c4041998b00f100570a045e49cb1131b7cda439fcdd70a19081c40451

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
x-powered-by: Express
etag: W/"38-Ximfk3qwjkcwz7t7hKqX4/lJ5sQ"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.upi.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 124ms
83ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Wed, 27 Oct 2021 05:14:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 392 B
739 B 99ms
33ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

023ee75584a2f6c52b5dcfb79e579d68853731995dbd147e6a8040fd99fab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 392
expires: 0

GET
H2 200 avjp Show response
propermedia-d.openx.net/v/1.0/ 106 B
300 B 91ms
41ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d6c79819-02ef-4393-9fec-f690017c4819&pubcid=7d8bf79b-cf2e-437e-a739-954be461a87c&nocache=1635311643418&auid=545661640&aumfs=2000&vwd=640&vht=480&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1&_pubcid=7d8bf79b-cf2e-437e-a739-954be461a87c
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
via: 1.1 google
server: OXGW/16.217.1
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.upi.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 173 B
557 B 87ms
38ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%7C160x600%2C300x250%2C300x600%7C300x250%7C300x250%7C300x250%7C728x90%2C970x250&auid=544095237%2C544095241%2C544095242%2C544095243%2C544095244%2C544095245&aumfs=100%2C100%2C100%2C100%2C100%2C100&dddid=9a281b33-c5a5-4774-b143-5029d91c68d5%2Ce55b4083-6565-4254-89ac-3e12da1d91a9%2C889abc86-eec0-4e08-ada7-5589f85881d5%2C463d0060-6dec-48cd-ae5d-2e82cbb075b4%2C5ae61841-cc87-4f28-86a8-231f6e95f096%2C1b8620c6-3080-4e27-a417-816c77248ddf&divIds=openx-19085b76-3705-4b5a-b97e-600a11aa2fe9%2Copenx-d9713b7c-0439-46b2-a9d2-7b05f4f72e06%2Copenx-9ba72a7c-ffee-4a0c-b904-2cfdd1c08dad%2Copenx-e9cf13ee-cf1f-41e5-937b-4bad99b72f50%2Copenx-2cf118c6-cdde-4381-ae0d-317d60c2e5e7%2Copenx-565f22b0-08a7-4b23-8597-edcecf473d6c&be=1&bc=hb_pb_3.0.1&nocache=1635311643419&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1&_pubcid=7d8bf79b-cf2e-437e-a739-954be461a87c
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 9e7adcc7b57e8fe78919cfb64e842acb21f4b1beb7e0c744a007e184bb530332

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.upi.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 837 B
5 KB 174ms
119ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=378202&zone_id=2087932&size_id=2%3B2%3B15%3B15%3B15%3B15&alt_size_ids=57%3B%3B9%2C10%3B%3B%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=0e6aaa03-fef7-4ba9-9dc5-19e3c347e16b%3Bbbe8e89e-8863-4391-a397-2df29636c471%3Badcc43c1-9d65-4f9e-ad3e-f6226fb4be23%3B50c9c8ef-0f62-433c-9a22-c14d2a5c3973%3Ba12f320e-5c56-4f61-8569-41ff8c74236e%3Bada25b48-d34d-4b3c-b5ee-ef8c5f701aec&p_screen_res=1600x1200&tg_fl.eid=2087932-6%3B2087932-7%3B2087932-4%3B2087932-1%3B2087932-2%3B2087932-3&rf=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&x_source.pchain=proper.io%3Af87d3dee-ba65-11eb-8272-06ef03bc0096&ppuid=7d8bf79b-cf2e-437e-a739-954be461a87c&eid_pubcid.org=7d8bf79b-cf2e-437e-a739-954be461a87c%5E1&rp_schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1&slots=6&rand=0.5473533463812734
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fac261b8206927b41ed330a47c1462e69fada052b09c7a1921492f3a4c20520d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 05:14:03 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.upi.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 837
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 84ms
42ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:07:42 GMT
content-encoding: gzip
age: 380
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 1TMCPKEB74FFTGRNTK0Z
etag: e2b905aea413c4d7479fb2bb9cbc6c65
vary: Accept-Encoding
x-amz-version-id: PBfT87Jypy1l_3XKxwEwol.gybzOM7El
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: rGBnJfQXF8pPH8DvxD6268ngWVVbW_qlLJboBQS-zTKsbD9dmJd3WA==

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 100 B
735 B 116ms
31ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22b6bce00ab7f563cb81f9%22%3A%22b6bce00ab7f563cb81f9%7C%7C2%22%7D&ref=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&s=b7b26175-b947-4c8c-80e9-fe3b931a4309&pv=5fa53071-6afb-4f7d-ae08-715710ceff05&vp=desktop&lib_name=prebid&lib_v=5.18.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%227d8bf79b-cf2e-437e-a739-954be461a87c%22%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

73dd1765bd6d97807f252b4bc695d2f7d62dcc9b0d632ac41ae3b4a8c56f9d85

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 05:14:03 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.upi.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 125
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/237099/0/ 0
167 B 34ms
22ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/237099/0/mvo?z=1r&hbv=5.18,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
pragma: no-cache
date: Wed, 27 Oct 2021 05:14:03 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 pubads_impl_2021102001.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 19ms
13ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 122914
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 05:14:03 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 142 B
127 B 55ms
37ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.upi.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9506a0fac1f968b60845afa8d68e282f5f1caa3fae2864c19f8b06f0ccf83838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 05:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 102
x-xss-protection: 0
expires: Wed, 27 Oct 2021 05:14:03 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 49ms
8ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 83502
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Tue, 26 Oct 2021 06:02:22 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: YeDnQc9sPnK6kM1H3eSIMS0rVtZ6BmcMEq0oT04MtfnBglG8s6jH1Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 29ms
28ms XHR
application/json 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1b490f3ed06b7c1f2734d74930bf3f5dee77f473c8e01c703d442c12f49e908f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:13:10 GMT
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
server: Server
age: 18052
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.upi.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 1347
x-amz-cf-id: rnP7wS2zl9er80O4NaW-gApA2d0Z3nJt3v9xGfhfKpvofXIYgNPxUQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 70ms
70ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&pid=repnBpTTUEv7P&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 05:14:03 GMT
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 452J6YKW70QXP175N9FT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: kU7eUIJKLaAA79NoBQQH_7uSy_N83g28j-3bQuPuyc9CqAthKNQWIA==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 184 KB
57 KB 63ms
19ms Script
application/x-javascript 13.32.99.57

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.57 Seattle, United States, ASN (),
Reverse DNS: server-13-32-99-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 10:28:43 GMT
content-encoding: br
age: 67520
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:f3f3bcb1-d653-4795-a242-0bc52f20e334
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 7fac56bbf391534ba4d108d9d1c5ede96a619703863f7695a7d7c98a8fea4662
x-amz-meta-codebuild-content-md5: 99ea7c9ae879eabed07b623c4b48c3a2
last-modified: Tue, 26 Oct 2021 10:28:36 GMT
server: AmazonS3
etag: W/"319188f4e162198ee578ba6e65904ead"
vary: Accept-Encoding
x-amz-version-id: aNI79gymn36SdL1OCQ9XQoRn1j6ap8oY
via: 1.1 4612dc3b414cf2057f542e94733d59bd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-type: application/x-javascript
x-amz-cf-id: cbdvrFnMiVyJn13aWaQnvndugja4qCBMPEn3_fH6MJheFqJwr84KYA==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 35 KB
10 KB 63ms
21ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 27 Oct 2021 04:29:46 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10053
x-request-id: 995985970

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
594 B 65ms
8ms Fetch
application/json 13.32.99.89

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 Seattle, United States, ASN (),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 07:27:53 GMT
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8ff.cloudfront.net (CloudFront), 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 78370
x-amzn-requestid: 18520555-4f1a-49a8-8883-146f5d412fa4
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6177adf9-042af89872f6e7825c401776;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: Hzge_E7DjoEFRpQ=
content-length: 30
x-amz-cf-id: i4zR2A_VOt1DpnYMTBRdzqvuW5tvY664psRSVGrlG9HjBn0fyUOyuQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 s2s Show response
eb.proper.io/ 560 B
1 KB 295ms
285ms XHR
application/json 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457c02f151daa04f1479a39751e03c7a59ca69d1e60244b8f9000353bdec081a

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:04 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.upi.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: dur:244
cf-ray: 6a49704f2ff76951-FRA
expires: -1

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
716 B 64ms
24ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.upi.com

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 05:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 65ms
26ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upi.com

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 05:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 304 KB
51 KB 533ms
532ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1693452532015182&correlator=4205963422882197&output=ldjh&impl=fifs&eid=31063135%2C31063262%2C31063281&vrg=2021102001&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=5376056%3A1009753%2Cupi_leaderboard%2Cupi_right_1%2Cupi_right_2%2Cupi_content_dynamic%2Cdynamic_1%2Cupi_sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2F5%2C%2F0%2F6&prev_iu_szs=1x1%7C970x250%7C728x90%2C1x1%7C300x250%2C1x1%7C300x250%2C320x50%7C1x1%7C300x250%7C640x480%7C336x280%2C1x1%7C728x90%7C970x90&fluid=0%2C0%2C0%2Cheight%2C0&prev_scp=post_id%3D6621635251946%26member%3Dno%26split_version%3D9798%26proper_site%3Dupi%26proper_slot%3D1%26tags%3Dpagetype_article_desktop%252Cpagetype_article%26tags2%3Dauthor_UPIStaff_desktop%252Cauthor_UPIStaff%26tags3%3DPostID_6621635251946_desktop%252CPostID_6621635251946%26tags4%3Dtime_094958_desktop%252Ctime_094958%26tags5%3Dsection_WorldNews_desktop%252Csection_WorldNews%26tags6%3Dtopic_Defense_desktop%252Ctopic_Politics_desktop%252Ctopic_Technology_desktop%252Ctopic_AyatollahAliKhamenei_desktop%252Ctopic_Drones_desktop%252Ctopic_IranNuclearDeal_desktop%252Ctopic_Defense%252Ctopic_Politics%252Ctopic_Technology%252Ctopic_AyatollahAliKhamenei%252Ctopic_Drones%252Ctopic_IranNuclearDeal%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3D6621635251946%26member%3Dno%26split_version%3D9798%26proper_site%3Dupi%26proper_slot%3D3%26tags%3Dpagetype_article_desktop%252Cpagetype_article%26tags2%3Dauthor_UPIStaff_desktop%252Cauthor_UPIStaff%26tags3%3DPostID_6621635251946_desktop%252CPostID_6621635251946%26tags4%3Dtime_094958_desktop%252Ctime_094958%26tags5%3Dsection_WorldNews_desktop%252Csection_WorldNews%26tags6%3Dtopic_Defense_desktop%252Ctopic_Politics_desktop%252Ctopic_Technology_desktop%252Ctopic_AyatollahAliKhamenei_desktop%252Ctopic_Drones_desktop%252Ctopic_IranNuclearDeal_desktop%252Ctopic_Defense%252Ctopic_Politics%252Ctopic_Technology%252Ctopic_AyatollahAliKhamenei%252Ctopic_Drones%252Ctopic_IranNuclearDeal%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3D6621635251946%26member%3Dno%26split_version%3D9798%26proper_site%3Dupi%26proper_slot%3D5%26tags%3Dpagetype_article_desktop%252Cpagetype_article%26tags2%3Dauthor_UPIStaff_desktop%252Cauthor_UPIStaff%26tags3%3DPostID_6621635251946_desktop%252CPostID_6621635251946%26tags4%3Dtime_094958_desktop%252Ctime_094958%26tags5%3Dsection_WorldNews_desktop%252Csection_WorldNews%26tags6%3Dtopic_Defense_desktop%252Ctopic_Politics_desktop%252Ctopic_Technology_desktop%252Ctopic_AyatollahAliKhamenei_desktop%252Ctopic_Drones_desktop%252Ctopic_IranNuclearDeal_desktop%252Ctopic_Defense%252Ctopic_Politics%252Ctopic_Technology%252Ctopic_AyatollahAliKhamenei%252Ctopic_Drones%252Ctopic_IranNuclearDeal%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3D6621635251946%26member%3Dno%26split_version%3D9798%26proper_site%3Dupi%26proper_slot%3D7.01%26tags%3Dpagetype_article_desktop%252Cpagetype_article%26tags2%3Dauthor_UPIStaff_desktop%252Cauthor_UPIStaff%26tags3%3DPostID_6621635251946_desktop%252CPostID_6621635251946%26tags4%3Dtime_094958_desktop%252Ctime_094958%26tags5%3Dsection_WorldNews_desktop%252Csection_WorldNews%26tags6%3Dtopic_Defense_desktop%252Ctopic_Politics_desktop%252Ctopic_Technology_desktop%252Ctopic_AyatollahAliKhamenei_desktop%252Ctopic_Drones_desktop%252Ctopic_IranNuclearDeal_desktop%252Ctopic_Defense%252Ctopic_Politics%252Ctopic_Technology%252Ctopic_AyatollahAliKhamenei%252Ctopic_Drones%252Ctopic_IranNuclearDeal%26proper_floor_640x480%3D2.00%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3D6621635251946%26member%3Dno%26split_version%3D9798%26proper_site%3Dupi%26proper_slot%3D8%26tags%3Dpagetype_article_desktop%252Cpagetype_article%26tags2%3Dauthor_UPIStaff_desktop%252Cauthor_UPIStaff%26tags3%3DPostID_6621635251946_desktop%252CPostID_6621635251946%26tags4%3Dtime_094958_desktop%252Ctime_094958%26tags5%3Dsection_WorldNews_desktop%252Csection_WorldNews%26tags6%3Dtopic_Defense_desktop%252Ctopic_Politics_desktop%252Ctopic_Technology_desktop%252Ctopic_AyatollahAliKhamenei_desktop%252Ctopic_Drones_desktop%252Ctopic_IranNuclearDeal_desktop%252Ctopic_Defense%252Ctopic_Politics%252Ctopic_Technology%252Ctopic_AyatollahAliKhamenei%252Ctopic_Drones%252Ctopic_IranNuclearDeal%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635311644&dt=1635311644596&dlt=1635311642787&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=309%2C991%2C991%2C227%2C-12245933&adys=166%2C717%2C2042%2C1453%2C-12245933&adks=1840319393%2C1870747140%2C1464917774%2C1790296403%2C784876494&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upi.com%2FTop_News%2FWorld-News%2F2021%2F10%2F26%2FIran-gas-station-software-hit-by-cyber-attack%2F6621635251946%2F%3Fu3L%3D1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=982x262%7C300x250%7C300x250%7C658x0%7C728x-1&msz=982x-1%7C300x-1%7C300x-1%7C658x0%7C0x-1&ga_vid=1760181707.1635311643&ga_sid=1635311645&ga_hid=1635089915&ga_fc=true&fws=0%2C0%2C0%2C0%2C640&ohw=0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e6807bba6e4a67845b232d1b8b5ec184a4feda8d3c2a341348319f5cf21c52bd

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNf5tc3q6fMCFb7cEQgd0Z0JoQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10819349632409142898/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNf5tc3q6fMCFb7cEQgd0Z0JoQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10819349632409142898/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 52598
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
date: Wed, 27 Oct 2021 05:14:05 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upi.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B15 6 KB
4 KB 92ms
25ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.upi.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 05:14:04 GMT
expires: Thu, 27 Oct 2022 05:14:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET container.html
80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 530C 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ 190 KB
55 KB 77ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 408487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55667
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 13 KB
5 KB 88ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 408487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4996
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 89 KB
28 KB 89ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 408487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28494
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 4 KB
2 KB 92ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 408487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1635
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 40 KB
13 KB 93ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 408487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12816
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
715 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 04:44:05 GMT
server: ESF
date: Wed, 27 Oct 2021 05:14:05 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 05:14:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
744 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 03:51:59 GMT
server: ESF
date: Wed, 27 Oct 2021 05:14:05 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 05:14:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
693 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 03:50:04 GMT
server: ESF
date: Wed, 27 Oct 2021 05:14:05 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 05:14:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
653 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 03:21:16 GMT
server: ESF
date: Wed, 27 Oct 2021 05:14:05 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 05:14:05 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
3 KB 52ms
14ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
server: cafe
age: 57352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 27 Oct 2021 13:18:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
399 B 53ms
15ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Oct 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 19866
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 27 Oct 2021 23:42:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 44ms
18ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5xwsd95upUSdHEtf91JRZqmlToWM8slny0UrmK0p-BmHUUhWBfmBNp59tKen3sxAnt1ImaI2vtZz0a0pwJGabuLeYng
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 20ms
19ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz6l9HOB4Ydj7KL65x_AP0bumiArVuu2DZuaTh_PDDr_hHhABINjqtiBglfrwgYwHoAHY3N2mAcgBCeACAKgDAcgDCqoEhgNP0ESimJlCVLm2acruWcFUetAVQb8e54rf2C1M0wi-hFQ7xPx5Wbf_Iue5RszhtHKKOIUdPJsCVttzaMZgUQl5hWDLeT5ezeLRXyrSS7Z3Mq2imQr0a8uq5XEjRrPSLv-FG1iMjRkn4yNqB4gK_3CzgcVuRvmhhLEMrDORffhGsvNE8V4HacNcITlVh8G814LD_Ls6uSDX5yR9o4hTWfbPmceQheqK7Xu07-67ZSjPJ3m6TfHUdrfvHxNdrvH8XtT7d1DhIHk1ClUubZF2CwZtCfy-Qqw954zznKJY_ja_OMZObu9dSgEcKx2kUKCfc0vPteVOdJcT3FhcIyHYLLmev9q3RVPWI5_lxvvA28nPSHLZTT6Evx9-KEN0bZTXzi4k4saYwokE8qkHgnGNFgZwa0STN70-jszAkilxvDP-LkWgsGjOb_JQbwVACpojamBLm9EnWgp1kvGozmZGs3C84lzvAwO20SnRZQS1j2A2l23wcYIzOjE6KWRg24v6zgoyYmo2fN7ABInVwoTiA-AEAaAGLoAHkKOi2QKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQmsUX0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTA9AVAYAXAbIXHgocCAASFHB1Yi02ODk3OTAyMTkxNzE0ODMzGNCcEg&sigh=usElRyU7eUE&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 44ms
18ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqtGXpQTa_Xas_H9XJVi6puliP7r8AuHKrHXbadw2CGluGwLTHsSgjhM-Srck-WSW0n1N-VpSvhTw1YChrVTimN8vEbg
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 21ms
19ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRQMmHOB4Ydn7KL65x_AP0bumiAq9s5r8Za67v-LFDq4CEAEg2Oq2IGCV-vCBjAegAabv1IsDyAEJqQLDFJ1HXeyEPuACAKgDAcgDCqoE8gJP0NcXTnuhW4uyUlF5OwY0DVD0fZbf4gQygnuN1btfZq1FcSX-ryZY7AsJ4ZDGI-eXy-evMcAvT1JcVu10FMEGF3sKfJqsxu9xbXU-zgA8Q1bH5wd8ioAmbJIfRHyHREumtn_v_F0zbySIc1Ve-oHAXaZWAiNivse4DdahnA79jjXBdsyWHX1sOXCX2IHCjJ09lDJmD0xLQ3aUJFWFNNcoJ60tQ-RjqJeG9ZukFygdRU4kITyEAuuGSAapZhaNa2pKc9HqsztQKvKEqvg0lfYcYXwknFLrwLvWoouqwP7FpPEF1ItV95stX_I60QSqzVSYHgi8FhSSgbKRQk8sxvDB6RJPHUze9YJhyyR1NW650SGYT8ndP7RmHz0ALmyyAGdlEoS4TERvRTLRHA3ao6o6PJgmErI1wY4lW_pV9HUNbzm0RIxi5VTm4Ec-6ecaNBBM2TFTqA3ysdiSOROpLYs-66O2YHVGuOweihm1BqB-inXMwASbldTu9APgBAGgBi6AB8KQq3SoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQuLIU0ggJCIjhgBAQARgdgAoDyAsB2BMDiBQB0BUBgBcBshceChwIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzMY0JwS&sigh=svdjcu3k7Cc&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 27ms
25ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRV9GHOB4Ydr7KL65x_AP0bumiAr2jOjAZdGXxvrVDoiU-IezAhABINjqtiBglfrwgYwHoAGP6JL_A8gBCakCjCB9w9N0sz7gAgCoAwHIAwqqBP8CT9AO_b_iJRodNhqDCRe90P0J8Vv9iIHGD-L7AJY-UoR01YAz8MsIl3dfzFR7lkV8eU_6gPgJ_hNFVFIGMX2ry_niK97fhouO3w4kDOK4OBQLb-BEbyK_Q1nWUC8dDl2HamUzXiSqI7wgTywg4fvNF_d-Ufo0QuX9FkRGI5bwzi83l5DBFojTdRsDP1Q5GdYAHPUjoPxKb4zXF8eKUFv2a1UaEw_5VuOq0K21fdgu4n1dKjoqHziGQL4IjKpb9ElMHFnn-jW4Yt01SyA3wSis6ghObDb1LKXQmytYGdp3d7ZRPSowyuDH6K_BHRqtrbpLuC6JGqQ1VyKqyYlocSck4HZeSB3X390SHfb6fp28mT8R_HWbSm4raHAA9jJAltGvDYAUV9L0BSbJxJ4QpEpA8espsKLRyKqN5xTK_QI4_wqXBJuDSkuRJzvFXSs1EGyZjf5gdJ-xP3ghB2KigFDEmMf9WMUEXEflMBnH4On7M0xYpjKCNz3Lmu7uPn8jwtnABKOArYriA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfZl22oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQzqop0ggJCIjhgBAQARgdgAoDyAsB2BMNiBQC0BUBgBcBshceChwIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzMY0JwS&sigh=gdSWoF9mH5U&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 43ms
18ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR03LRoYU-djfRZWyXaaLKDzdr5yeHa7HRbajGQVJKL1aooWNtqG828dTv3YTKGAzQXpNamKSv9FXd_L7hecMMGTrYavA
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 26ms
24ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_MHWHOB4Ydv7KL65x_AP0bumiArjr5f1ZYXm9Lb5DdLh0uCyARABINjqtiBglfrwgYwHoAHs3_KrAcgBBqkCjCB9w9N0sz7gAgCoAwGqBO0CT9Dwnp3ZxLL6USW--ksHRDvod5-OtGsj6Rl6PDozx1F1etbdfmIDhWubf_EKAfRptBljuWFbOL5KPyZD3w70xt1DQO_DnxjLRUQb7USmXVMsAkrgruhVFlWKsvpBiaiQt2j7NetuePXZXvqRBUFqPqycQPWBNRoKwRBEukduwgjsWgL-DXOY4i64J8tNW8SJUFs_Y3kaVl7tnFEDfYKrebP5F8sca2Cpgsy0DYZM_F37Q5PIVx_R3jA9p9yVstOgJ1rtZJiwzHx9tsra7G8jQfMl9nOpr3dRBcMKj-4Y49oqfzxyx98gOVblJEkkGnBSzzj0nkt2KEnLva033Fz0Jp9mWsVR2TAYr4b06lttodJlM3oZmzA9BPdvmKApPXs46WiSdNfIWiuAgbIi53LkNLRjzxxl79VyPyeTmOVQ4fxoYOwXkDUD3H9QXX0CC5o-75LNePBjaFkr9F2XceQM1npSiiSpZ3nooAMTj0rABIqJ99e7A-AEAZIFBAgEGAGSBQQIBRgEgAf8n43UAqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBChrRfSCAkIiOGAEBABGB2ACgPICwHYEwKIFAHQFQGAFwGyFx4KHAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMxjQnBI&sigh=ob4aTQvvZWw&uach_m=[UACH]&template_id=492&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

POST
H2 200 event Show response
events.proper.io/api/ 0
79 B 571ms
169ms XHR
application/octet-stream 44.236.248.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.proper.io/api/event
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.248.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-248-159.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 05:14:05 GMT
content-length: 0
content-type: application/octet-stream

POST
H2 200 event Show response
events.proper.io/api/ 0
78 B 580ms
180ms XHR
application/octet-stream 44.236.248.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.proper.io/api/event
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.248.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-248-159.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 05:14:05 GMT
content-length: 0
content-type: application/octet-stream

POST
H2 200 event Show response
events.proper.io/api/ 0
78 B 589ms
191ms XHR
application/octet-stream 44.236.248.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.proper.io/api/event
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.248.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-248-159.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 05:14:05 GMT
content-length: 0
content-type: application/octet-stream

GET
DATA 200
OK truncated
/ 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eec6c15c016fb152c50f5b22af31ed3725e82cf584feb365a8eb0a65d9f87aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 65ms
27ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd30e574f60b2e0527834338070e8929e318d7b163421842e94b8316d2604d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 05:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8525
x-xss-protection: 0

POST
H2 200 event Show response
events.proper.io/api/ 0
78 B 536ms
202ms XHR
application/octet-stream 44.236.248.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.proper.io/api/event
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.248.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-248-159.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Oct 2021 05:14:05 GMT
content-length: 0
content-type: application/octet-stream

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:45:31 GMT
x-content-type-options: nosniff
age: 455314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 22:45:31 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ 21 KB
21 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 457377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 22:11:08 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

76ms
38ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.upi.com
URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date: Wed, 27 Oct 2021 05:14:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 178ms
178ms XHR
application/octet-stream 34.210.253.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Oct 2021 05:14:05 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
468 B 368ms
32ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLvtaumR73jIyP1-lAG9-Djk6ix4DyNyJbAgKxx74FiD-BSbSD-cc71Qx6ZOIatyKtrZ_7vCu5VWzQ-OUEamCPLoRBRb0ji0lBbrNICserHTXKvjN2QuX1W0Qf8pEAvfq1n2rStyAOCXed&sai=AMfl-YQgmmKTtiwLhNyvZilaRE7fZnLmeUIqOCll9axvLFkJ2EEVexquJ0ayirS8dCQ_AidZGTAl4146EcMjELW6C3WY5ABiNZIW2gipFxXR6_6dD4N1OrREJNJl_IOdZ6F6&sig=Cg0ArKJSzLkySkUU5v8oEAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=72&tls=1073&g=100&h=100&tt=1073&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=784876494

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 05:14:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=72

Domain: 80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com
URL: https://80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upi.com/	1970-01-19 22:29:35	Name: _upi_uid Value: 51d20cda-d198-4e5f-b3da-5c93ed74b738
.upi.com/	1970-01-20 15:46:23	Name: _ga Value: GA1.2.1760181707.1635311643
.upi.com/	1970-01-19 22:16:38	Name: _gid Value: GA1.2.2009010697.1635311643
.upi.com/	1970-01-19 22:15:11	Name: _gat Value: 1
www.upi.com/	1970-01-20 07:43:59	Name: _cb_ls Value: 1
www.upi.com/	1970-01-20 07:43:59	Name: _cb Value: DhsV4TBTKvuvDQuYaI
www.upi.com/	1970-01-20 07:43:59	Name: _chartbeat2 Value: .1635311643073.1635311643073.1.CDM3QwBr67eYDj6Wv-BvQ92yIRXtc.1
www.upi.com/	1970-01-19 22:15:13	Name: _cb_svref Value: null
.quantserve.com/	1970-01-20 07:45:26	Name: mc Value: 6178e01b-49d64-aa749-af01f
www.upi.com/	1970-01-19 22:15:15	Name: _lr_retry_request Value: true
www.upi.com/	1970-01-19 22:58:23	Name: _lr_env_src_ats Value: false
.upi.com/	1970-01-20 07:39:40	Name: __qca Value: P0-1261327613-1635311643293
.bidswitch.net/	1970-01-20 07:00:47	Name: tuuid Value: 050ade5c-cc93-4161-9116-c63328317849
.bidswitch.net/	1970-01-20 07:00:47	Name: c Value: 1635311643
.bidswitch.net/	1970-01-20 07:00:47	Name: tuuid_lu Value: 1635311643
.advertising.com/	1970-01-20 07:02:14	Name: APID Value: UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
.yahoo.com/	1970-01-20 07:01:09	Name: A3 Value: d=AQABBBvgeGECEMNmV90Qz7Y3RHuII1BrkAAFEgEBAQExemGCYQAAAAAA_eMAAA&S=AQAAAp33_SeDKHmCd5VWaZ8MSRI
.analytics.yahoo.com/	1970-01-20 07:02:14	Name: IDSYNC Value: "190z~216t:18zw~216t"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
.yahoo.com/	1970-01-19 22:16:38	Name: APIDTS Value: 1635311643
.openx.net/	1970-01-20 07:00:47	Name: i Value: 7d8bf79b-cf2e-437e-a739-954be461a87c\|1635311643
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56128\|YXjgH
.spotxchange.com/	1970-01-20 07:00:47	Name: audience Value: b39fd799-36e4-11ec-874b-13ae17dc0006
.rubiconproject.com/	1970-01-20 07:00:47	Name: khaos Value: KV92BVQ6-P-AXGD
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.rubiconproject.com/	1970-01-20 07:00:47	Name: audit Value: 1\|hLZGFuTafB3QkvyEhPw7+EZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lkrDyfOstKAf8itUu6BOpNjAUJ+gL7gixT5M2c4DmZCFsqlSNZOaaDQ=
.adnxs.com/	1970-01-20 00:24:47	Name: icu Value: ChgI1LJ5EAoYASABKAEwm8DjiwY4AUABSAEQm8DjiwYYAA..
.adnxs.com/	1970-01-20 00:24:47	Name: uuid2 Value: 7178430022371020470
www.upi.com/	1970-01-19 22:16:38	Name: _lr_geo_location Value: DE
www.upi.com/	1970-01-19 22:58:23	Name: sharedid Value: %7B%22id%22%3A%2201FK02PV8PJA7FSY5BGYFB9A6P%22%2C%22ts%22%3A1635311643927%2C%22ns%22%3Atrue%7D
www.upi.com/	1970-01-19 22:58:23	Name: sharedid_last Value: Wed%2C%2027%20Oct%202021%2005%3A14%3A03%20GMT
.proper.io/	1970-01-19 23:41:35	Name: mediagrid Value: 050ade5c-cc93-4161-9116-c63328317849
.proper.io/	1970-01-19 23:41:35	Name: aol_instream Value: y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
.proper.io/	1970-01-19 23:41:35	Name: verizon_media Value: y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A
.proper.io/	1970-01-19 23:41:35	Name: aol_outstream Value: y-0ju.srxE2uEQBHr8NGvxxLhRqj801U2w~A~UPb387d70e-36e4-11ec-b5f6-064e7a5ce4b6
.proper.io/	1970-01-19 23:41:35	Name: __cf_bm Value: nqLMXRTa.OvVCUKGvWUJSD8OHtPSOEpLrYvU7VVNI7s-1635311643-0-AY%2FSwyxewQSOm1MtOAZ%2BTSj%2Bu4ae6sBRLQm%2BYbzDyFKDQL9kyQ8LB3eJUB3IPqRiWEk8FSCN2IdszYykzFU%2BfFOXUQ07Zdd87ZYTotph3Cwg
.upi.com/	1970-01-20 07:36:47	Name: __gads Value: ID=d0cb60a040ad16a8-225a3efeffca00d9:T=1635311644:S=ALNI_MZrcHnx2zvM7ueAYnwdtol7_Q5A1w
.upi.com/	1970-01-19 22:15:13	Name: properSessionData Value: eyJ1dWlkIjoiNWMyN2Y3NjgtNmFlYS00ZWZjLWFkYTMtNjJkMDJjYTg5YzY5IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDU1LCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiZW14IjoxLCJpbmRleCI6MSwib3BlbngiOjEsInNvdnJuIjoxLCJ0ZWFkcyI6MSwiY3JpdGVvIjoxLCJtYW50aXMiOjEsInNvbm9iaSI6MSwicnViaWNvbiI6MSwiYXBwbmV4dXMiOjEsIm1lZGlhbmV0IjoxLCJwdWJtYXRpYyI6MSwiYWR5b3VsaWtlIjoxLCJyaHl0aG1vbmUiOjEsImp1c3RwcmVtaXVtIjoxLCJpeF9vdXRzdHJlYW0iOjEsInNoYXJldGhyb3VnaCI6MSwiZW14X291dHN0cmVhbSI6MSwib3Blbnhfb3V0c3RyZWFtIjoxLCJzcG90eF9vdXRzdHJlYW0iOjEsInNvbm9iaV9vdXRzdHJlYW0iOjEsInJ1Ymljb25fb3V0c3RyZWFtIjoxLCJ0aGlydHl0aHJlZWFjcm9zcyI6MSwiYXBwbmV4dXNfb3V0c3RyZWFtIjoxLCJwdWJtYXRpY19vdXRzdHJlYW0iOjEsInJoeXRobW9uZV9vdXRzdHJlYW0iOjEsImJlYWNoZnJvbnRfb3V0c3RyZWFtIjoxfSwibGFzdF90aHJlc2hvbGQiOjB9
.doubleclick.net/	1970-01-20 07:36:47	Name: IDE Value: AHWqTUlHBiABp16Gw9pJ1LDTKbP-HtHE7si3ErujD60ZDbjH0pwdl_9prhj5p3rIPxg
.doubleclick.net/	1970-01-19 22:15:15	Name: DSID Value: NO_DATA

97 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1 Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
javascript	error	URL: https://www.upi.com/Top_News/World-News/2021/10/26/Iran-gas-station-software-hit-by-cyber-attack/6621635251946/?u3L=1 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=72' from origin 'https://www.upi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=72 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src 'nonce-ejJyaTd6bjNx' https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src 'nonce-ejJyaTd6bjNx' https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src 'nonce-ejJyaTd6bjNx' https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src 'nonce-ejJyaTd6bjNx' https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://mantodea.mantisadnetwork.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://mantodea.mantisadnetwork.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://mantodea.mantisadnetwork.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://mantodea.mantisadnetwork.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://biddr.brealtime.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://biddr.brealtime.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://biddr.brealtime.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://biddr.brealtime.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://pre.ads.justpremium.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://pre.ads.justpremium.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://pre.ads.justpremium.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://pre.ads.justpremium.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://sync.teads.tv/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://sync.teads.tv/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://sync.teads.tv/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://sync.teads.tv/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://sync.bfmio.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://sync.bfmio.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://sync.bfmio.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://sync.bfmio.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://eu-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d3terveqlssriz.cloudfront.net/ Message: Refused to frame 'https://de.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors frame-ancestors 'self'
X-Frame-Options	'SAMEORIGIN'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com
a.teads.tv
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
bidder.criteo.com
bids.proper.io
c.amazon-adsystem.com
cdn.ampproject.org
cdn.id5-sync.com
cdnph.upi.com
d3terveqlssriz.cloudfront.net
eb.proper.io
events.proper.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.sharedid.org
id5-sync.com
mantodea.mantisadnetwork.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.advertising.com
pixel.quantserve.com
player.propervideo.io
pre.ads.justpremium.com
prebid-server.rubiconproject.com
prebid.media.net
propermedia-d.openx.net
reachms.bfmio.com
rules.quantcount.com
search.spotxchange.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
static.chartbeat.com
stats.g.doubleclick.net
tag.1rx.io
tpc.googlesyndication.com
ups.analytics.yahoo.com
usync.proper.io
www.google-analytics.com
www.google.com
www.upi.com
x.bidswitch.net
80a29ab64b2f3953be9be310ebb8f5a3.safeframe.googlesyndication.com
api.rlcdn.com
tpc.googlesyndication.com
13.32.99.57
13.32.99.89
141.95.3.9
151.101.2.132
172.217.18.98
178.162.133.150
178.250.2.131
18.193.97.64
185.255.84.151
185.33.221.14
185.64.189.112
185.94.180.124
2.18.232.7
213.19.147.43
216.52.2.39
23.37.38.181
2600:9000:223c:5800:18:1fcd:34f:cdc1
2600:9000:223c:6400:6:44e3:f8c0:93a1
2600:9000:2240:1200:f:baea:96c0:21
2602:803:c004:200::143
2606:4700::6811:4e22
2606:4700::6812:9fea
2606:4700::6812:bcf
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c01::9d
3.120.13.220
3.120.169.248
3.120.57.46
3.126.56.137
3.214.91.80
34.107.148.139
34.149.20.76
34.210.233.105
34.210.253.33
34.95.69.49
34.98.64.218
35.164.52.163
35.170.35.142
44.236.248.159
46.105.202.126
50.17.108.122
52.222.210.175
52.59.27.158
023ee75584a2f6c52b5dcfb79e579d68853731995dbd147e6a8040fd99fab1d9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
0a52522985a337b03f0ad41c5840f6731727234791d7a0c34046ec023eb25831
0f321f37b7ae46fa90e641392266688bfaa0da650de78fc982edd74d71e4e0e8
0f77005572931a527efe0da6c56d39644b3afea28a14a92c88d80064f579e73b
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
14bf88f38c12cb47e14774368ba178d4bee0380a9f3060889a2278420a72ee7d
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b490f3ed06b7c1f2734d74930bf3f5dee77f473c8e01c703d442c12f49e908f
2196ac0d776126f0157006ac692d515d19e531e7a16d53e270bcf25b8ea10da5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eec6c15c016fb152c50f5b22af31ed3725e82cf584feb365a8eb0a65d9f87aa
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ca5c53e0d13be4dcb5c0f8d16a998a83cc1ab978a4e2c30fdea5d817226875
39ec78a08a95ab41a3feb710b13f740b7966442651066dae4eea638bd306b4fe
457c02f151daa04f1479a39751e03c7a59ca69d1e60244b8f9000353bdec081a
489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7
4a57853edef7aae88a06326cc459a0d70845f5b2c72ff39db77aa2762a1dbf57
522e855f32853dfa6b65864feda1e624d16cef78ba82c008922aa4e93c919322
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
6264bf1208e9ece3be247a8e3f2b8c6e430ea662ace4f9d50898ab4ed0f3f6a2
65ab603c99ed112880d94b0dd96c8eb41abd4ae5ece0246a9c64ff6210d9fa9b
669071b9168324146c2f7fa42193c8451a7d6d2c2e362243296fa4c8bd8f6259
66e9c1847b133472362c048ca6917876e34ef86feead3bd95080664c1ecd64de
6928158cc18cd9699e5b3ceaa8ebd0f59f0c1d06d9829f057a4fa188f4776917
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73dd1765bd6d97807f252b4bc695d2f7d62dcc9b0d632ac41ae3b4a8c56f9d85
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81065a5108bcee6fbc930d47c8d807f05149f6b249d256c118620d794a19b87b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84080a473dae1331bba197ef11ec79c6f76ef8d7d583d8a1f4fe2a5b89fcc072
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b1c77d8b3d53d8065b098b5c1c34e84dd38c3da02d7e0a78150d0235d3edf89
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
923c1d1a0bc05d95cd6dd96d99bf2cde9332c11b4860ad5a011295b63b5b3d76
9506a0fac1f968b60845afa8d68e282f5f1caa3fae2864c19f8b06f0ccf83838
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9abc665401e0da43f91aded927a47fee9c98a2af62e2d8505a2f0c5af3f99c9f
9e7adcc7b57e8fe78919cfb64e842acb21f4b1beb7e0c744a007e184bb530332
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82c9f7c4041998b00f100570a045e49cb1131b7cda439fcdd70a19081c40451
aa2a4ae9f7ff69d6b3988f700992c0a39fa3920ed0d99904fc437b1e2b885830
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae974dfcf301f907ffda66ca2ff77965916325e113f027e61e42046a965e4a31
b0686c9f651fb41c9c9603bae1efa6afde68c3949fabd68afeaa7374a9888a2e
b0c2a889d07d01755fc1a7818e2d54ba67c7b953b453dc22e8aaedcd29fe0b57
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b2b56b6592ba651688973b189041f1b84738c974872b37d81c71302f70923f49
b5088c2cfc7d60f139f3d8553a7843e8ae4fcb5ebf0b8931a448672784b37296
b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bf1cae0ba544e4037267bdc3558d661566ba3afd8c3a5102ab85532be077764f
bf6860ac9148098752f05575bc0209607482986822d634c19f8fec214fdcc8a6
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
e32ca8802c3ace59502876310092a374ccd6c9f43661f13d25bc81e58151e7c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6807bba6e4a67845b232d1b8b5ec184a4feda8d3c2a341348319f5cf21c52bd
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef71b3b4250fdeae0e4cdadbe5631e1777435f01edfbbe24aea3fa9d7cd323ee
f647fe0b055f7c8c7b774d2d7fb6e3a3b9e13d5ff2876a9bc22a5fc5d9caf44b
fac261b8206927b41ed330a47c1462e69fada052b09c7a1921492f3a4c20520d
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fd30e574f60b2e0527834338070e8929e318d7b163421842e94b8316d2604d2e

www.upi.com Open in urlscan Pro 151.101.2.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

97 %HTTPS

37 %IPv6

44 Domains

58 Subdomains

52 IPs

8 Countries

1177 kBTransfer

3151 kBSize

40 Cookies

4 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.upi.com Open in urlscan Pro
151.101.2.132 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

97 %
HTTPS

37 %
IPv6

44
Domains

58
Subdomains

52
IPs

8
Countries

1177 kB
Transfer

3151 kB
Size

40
Cookies

110 HTTP transactions
1 data transactions